Report: Health Plan Data Breaches Surge 1000% in First 5 Months of 2018
A recent report found health plans reported 24 breaches that affected 884,360 individuals, up from 15 breaches that affected 70,166 individuals.
A new report shows the total number of individuals impacted by data breaches at health plan organizations increased by more than 1,000 percent in the first five months of 2018.
Fortified Health Security’s 2018 Mid-Year Horizon Report highlights the growing number of cybersecurity attacks in the form of phishing campaigns, ransomware attacks and breaches initiated through email.
Health plans reported 24 breaches that affected 884,360 individuals in the first five months of the year, up from 15 breaches affecting 70,166 individuals during the same period last year, reports Health IT Security.
Business associates also saw a significant spike, reporting 12 breaches affecting 100,602 in the first five months of 2018, up from seven breaches affecting 71,462 individuals during the same period last year.
While the surge in health plan data breaches is significant, healthcare providers still make up the biggest share of healthcare data breaches, accounting for three-quarters of all reported breaches and 65 percent of individuals affected.
Overall, in the first five months of 2018, 149 reported breaches affecting over 2.8 million individuals, compared to 134 breaches affecting 2.0 million individuals during the same period in 2017.
Email attacks accounted for almost 28 percent of all reported breaches in 2018, up from three percent last year, according to the report.
“While we have made progress in some areas and continue to invest in cybersecurity as an industry, most healthcare organizations are not allocating enough capital to keep up with the momentum of our adversaries,” said Fortified Health Security President Dan L. Dodson. “It’s important to remember that training and awareness should be the cornerstones of any solid cybersecurity program as having the right people in place continues to be our biggest challenge.”
The report further discusses the human capital struggle experienced by many healthcare organizations, advising providers to deploy a comprehensive cybersecurity risk program, according to Markets Insider.
The report also explains how protecting connected medical devices continues to be a concern for healthcare providers and device manufacturers.
“While the FDA’s plan is well-intended and addresses certain aspects of the risks associated with connected medical devices, there are several gaps that still need to be addressed,” said Dodson, referring to the FDA’s recently released Medical Device Safety Action Plan. “Also, until the FDA, HHS and by default the OCR, get on the same page and force manufacturers to take security seriously, and hold them accountable, the industry will continue to struggle, and the risk of catastrophic failure will increase.”
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!
Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century
This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!
Great post, very informative. Thank you for the insight.
Request you to have a look at the Unisys Healthcare article on Healthcare Security Challenges.
[…] Another 2017 report found 15% of all ransomware attacks occurred in the healthcare sector and a report released last year found health plan data breaches were up 1000% in the first five months of […]