Report: Healthcare Data Breaches Expected to Increase in 2015

Dec. 8, 2014
Data breaches in healthcare are expected to increase in 2015 due to potential economic gain and digitization of records, according to Experian’s 2015 Second Annual Data Breach Industry Forecast.

Data breaches in healthcare are expected to increase in 2015 due to potential economic gain and digitization of records, according to Experian’s 2015 Second Annual Data Breach Industry Forecast.

According to the report, increased movement to electronic medical records (EMRs), and the introduction of wearable technologies introduced millions of individuals into the healthcare system, and, in return increased, the potential for data breaches.

Healthcare organizations face the challenge of securing a significant amount of sensitive information stored on their network, which combined with the value of a medical identity string, makes them an attractive target for cybercriminals. The problem is further exasperated by the fact that many doctors’ offices, clinics and hospitals may not have enough resources to safeguard their patients’ protected health information (PHI). In fact, an individual’s Medicare card — often carried in wallets for doctors’ visits — contains valuable information like a person’s Social Security number (SSN) that can be used for fraud if in the wrong hands. Although the report’s authors note that they are not aware of any federal or law enforcement agency which tracks data on SSN theft from Medicare cards, the problem is widely acknowledged.

As such, the report estimates that the potential cost of breaches for the healthcare industry could be as much as $5.6 billion annually. It also referenced a Ponemon Institute survey that found that 72 percent of healthcare organizations say they are only somewhat confident (32 percent) or not confident (40 percent) in the security and privacy of patient data shared on health information exchanges (HIEs).

What’s more, it predicted that this year, in light of recent breaches, several states are likely to adopt new standards that expand the definition of personal data to include email and password information and non- Health Insurance Portability and Accountability Act (HIPPA) related health data, such as health insurance policy numbers and subscriber identification numbers. Under these proposals, the expanded definition of personal data could trigger breach notices in more frequent circumstances.

“Healthcare organizations will need to step up their security posture and data breach preparedness or face the potential for scrutiny from federal regulators. Reported incidents may continue to rise as electronic medical records and consumer-generated data adds vulnerability and complexity to security considerations for the industry,” the report’s authors concluded.

Sponsored Recommendations

The Future of Storage: The Complexities and Implications in Healthcare

Join us on January 23rd to explore the future of data storage in healthcare and learn how strategic IT decisions today can shape agility and competitiveness for tomorrow.

IT Healthcare Report: Technology Insights for a Transformative Future

Explore the latest healthcare IT trends, challenges, and opportunities in AI, patient care, and security. Gain actionable insights to navigate the industry's transformation.

How to Build Trust in AI: The Data Leaders’ Playbook

This eBook strives to provide data leaders like you with a comprehensive understanding of the urgent need to deliver high-quality data to your business. It also reviews key strategies...

Quantifying the Value of a 360-Degree view of Healthcare Consumers

To create consistency in how consumers are viewed and treated no matter where they transact, healthcare organizations must have a 360° view based on a trusted consumer profile...