A recent research report on data breaches in healthcare indicates that the hack of Anthem could end up costing more than a billion.
Redspin Inc., a Carpinteria, Calif.-based health IT security consultant, released its annual breach report this week, highlighting the rising tide of incidents in the healthcare industry. The firm reports that 2014 saw 164 incidents of breaches of protected health information reported to the Department of Health and Human Services (HHS) Office of Civil Rights (OCR), a 25 percent increase from 2013. The report shows that more than half of the breaches were the result of hacking, including the notable incident at Community Health System that affected 4.5 million patients.
The number doesn't include Anthem, which Redspin calls a landmark incident for health data security. "From here on, all [protected health information] breach statistics are going have to be reported as 'pre- or post-Anthem,'" says Daniel W. Berger, President and CEO of Redspin. "It's that big. We wouldn't be surprised to see the costs of the Anthem breach exceed a billion dollars."
Hackers are increasingly targeting health systems and insurers because the value that PHI holds on the black market, says Berger. Because of the sheer volume of health data that these organizations possess, he noted that it was only a matter of time before these hacks started becoming commonplace.