Report: Healthcare Data Breaches Expected to Increase in 2015

Dec. 8, 2014
Data breaches in healthcare are expected to increase in 2015 due to potential economic gain and digitization of records, according to Experian’s 2015 Second Annual Data Breach Industry Forecast.

Data breaches in healthcare are expected to increase in 2015 due to potential economic gain and digitization of records, according to Experian’s 2015 Second Annual Data Breach Industry Forecast.

According to the report, increased movement to electronic medical records (EMRs), and the introduction of wearable technologies introduced millions of individuals into the healthcare system, and, in return increased, the potential for data breaches.

Healthcare organizations face the challenge of securing a significant amount of sensitive information stored on their network, which combined with the value of a medical identity string, makes them an attractive target for cybercriminals. The problem is further exasperated by the fact that many doctors’ offices, clinics and hospitals may not have enough resources to safeguard their patients’ protected health information (PHI). In fact, an individual’s Medicare card — often carried in wallets for doctors’ visits — contains valuable information like a person’s Social Security number (SSN) that can be used for fraud if in the wrong hands. Although the report’s authors note that they are not aware of any federal or law enforcement agency which tracks data on SSN theft from Medicare cards, the problem is widely acknowledged.

As such, the report estimates that the potential cost of breaches for the healthcare industry could be as much as $5.6 billion annually. It also referenced a Ponemon Institute survey that found that 72 percent of healthcare organizations say they are only somewhat confident (32 percent) or not confident (40 percent) in the security and privacy of patient data shared on health information exchanges (HIEs).

What’s more, it predicted that this year, in light of recent breaches, several states are likely to adopt new standards that expand the definition of personal data to include email and password information and non- Health Insurance Portability and Accountability Act (HIPPA) related health data, such as health insurance policy numbers and subscriber identification numbers. Under these proposals, the expanded definition of personal data could trigger breach notices in more frequent circumstances.

“Healthcare organizations will need to step up their security posture and data breach preparedness or face the potential for scrutiny from federal regulators. Reported incidents may continue to rise as electronic medical records and consumer-generated data adds vulnerability and complexity to security considerations for the industry,” the report’s authors concluded.

Sponsored Recommendations

Harnessing the True Power of Cultural, Clinical and Operational Data

Optimize healthcare performance by combining clinical, operational, and cultural insights. A deeper understanding of team factors improves care and resource management.

How Digital Co-Pilots for patients help navigate care journeys to lower costs, increase profits, and improve patient outcomes

Discover how digital care journey platforms act as 'co-pilots' for patients, improving outcomes and reducing costs, while boosting profitability and patient satisfaction in this...

5 Strategies to Enhance Population Health with the ACG System

Explore five key ACG System features designed to amplify your population health program. Learn how to apply insights for targeted, effective care, improve overall health outcomes...

A 4-step plan for denial prevention

Denial prevention is a top priority in today’s revenue cycle. It’s also one area where most organizations fall behind. The good news? The technology and tactics to prevent denials...