Report: Healthcare Data Breaches Expected to Increase in 2015

Dec. 8, 2014
Data breaches in healthcare are expected to increase in 2015 due to potential economic gain and digitization of records, according to Experian’s 2015 Second Annual Data Breach Industry Forecast.

Data breaches in healthcare are expected to increase in 2015 due to potential economic gain and digitization of records, according to Experian’s 2015 Second Annual Data Breach Industry Forecast.

According to the report, increased movement to electronic medical records (EMRs), and the introduction of wearable technologies introduced millions of individuals into the healthcare system, and, in return increased, the potential for data breaches.

Healthcare organizations face the challenge of securing a significant amount of sensitive information stored on their network, which combined with the value of a medical identity string, makes them an attractive target for cybercriminals. The problem is further exasperated by the fact that many doctors’ offices, clinics and hospitals may not have enough resources to safeguard their patients’ protected health information (PHI). In fact, an individual’s Medicare card — often carried in wallets for doctors’ visits — contains valuable information like a person’s Social Security number (SSN) that can be used for fraud if in the wrong hands. Although the report’s authors note that they are not aware of any federal or law enforcement agency which tracks data on SSN theft from Medicare cards, the problem is widely acknowledged.

As such, the report estimates that the potential cost of breaches for the healthcare industry could be as much as $5.6 billion annually. It also referenced a Ponemon Institute survey that found that 72 percent of healthcare organizations say they are only somewhat confident (32 percent) or not confident (40 percent) in the security and privacy of patient data shared on health information exchanges (HIEs).

What’s more, it predicted that this year, in light of recent breaches, several states are likely to adopt new standards that expand the definition of personal data to include email and password information and non- Health Insurance Portability and Accountability Act (HIPPA) related health data, such as health insurance policy numbers and subscriber identification numbers. Under these proposals, the expanded definition of personal data could trigger breach notices in more frequent circumstances.

“Healthcare organizations will need to step up their security posture and data breach preparedness or face the potential for scrutiny from federal regulators. Reported incidents may continue to rise as electronic medical records and consumer-generated data adds vulnerability and complexity to security considerations for the industry,” the report’s authors concluded.

Sponsored Recommendations

Going Beyond the Smart Room: Empowering Nursing & Clinical Staff with Ambient Technology, Observation, and Documentation

Discover how ambient AI technology is revolutionizing nursing workflows and empowering clinical staff at scale. Learn about how Orlando Health implemented innovative strategies...

Enabling efficiencies in patient care and healthcare operations

Labor shortages. Burnout. Gaps in access to care. The healthcare industry has rising patient, caregiver and stakeholder expectations around customer experiences, increasing the...

Findings on the Healthcare Industry’s Lag to Adopt Technologies to Improve Data Management and Patient Care

Join us for this April 30th webinar to learn about 2024's State of the Market Report: New Challenges in Health Data Management.

Findings on the Healthcare Industry’s Lag to Adopt Technologies to Improve Data Management and Patient Care

2024's State of the Market Report: New Challenges in Health Data Management