The threat of data breaches in healthcare continues to rise, and with it rises the incidence of malicious attacks on hospital and health system networks.
A new report from the Ponemon Institute indicates criminal attacks have become the main cause of healthcare data breaches for the first time.
Here are five key things to know.
1. Over the past five years, the occurrence of criminal attacks on healthcare organizations has increased 125 percent. Of the 178 healthcare organizations and business associates surveyed by Ponemon Institute, 45 percent of healthcare organizations and 39 percent of business associates reported a data breach whose root cause was a criminal attack. Additionally, 12 percent of healthcare organizations and 10 percent of business associates reported a data breach whose root cause was a malicious insider.
2. In the past year, 78 percent of healthcare organization breaches and 82 percent of business associate breaches were due to web-borne malware attacks.
3. However, few entities appear concerned with the growing security risk. Just 40 percent of healthcare organizations and 35 percent of business associates are worried about cyber attackers, according to the study.
4. What's more, organizations said they do not have the adequate budget or resources to protect both electronic and paper-based patient information, according to the study. Approximately 56 percent of healthcare organizations and 59 percent of business associates said their incident response process lacks funding and resources.
5. While one half of healthcare organizations reported having a four-factor risk assessment following a security incident involving electronic information, approximately one-third — the majority —said they have an ad hoc process for the assessment. For business associates, 42 percent of respondents indicated having a four-factor risk assessment, and the majority again was an ad hoc process at 38 percent.
More articles on data breaches:
Data breaches to cost healthcare $6B per year
FBI advises Anthem not to speak publicly about breach
Data breach trend rundown: 5 key findings