An alarming number of data breaches are being witnessed in the healthcare industry today. The number of breaches affecting 500 or more patients has risen above the 400 incidents mark, affecting nearly 19.2 million individuals overall. As the breach tally continues to grow steadily, experts are paying very close attention to the factors contributing to these data breaches.
In the latest analysis by the Health Information Privacy/Security Alert of OCR, a significant increase in the number of breaches was seen within a short period of one month. Seven breaches affecting 77,715 patients were reported during this period. While the statistics do not necessarily mean that the number of breaches reflects the number of affected individuals, they certainly reveal the nature of the breaches and what contributed to them:
It was seen that data theft was at the top with 196 incidents. Unauthorized access/disclosure of data was next in the list, with 72 incidents falling in this category. Data loss came third with 51 incidents, followed by hacking with 22 attacks reported.
It was noted that business associates contributed to 85 out of the total number of breaches involving theft, unauthorized access, and data loss. Portable electronic devices covering a wide range of technologies including e-tablets accounted for 55 breaches as against laptops which were involved in 92 breaches.
Paper records were involved in 102 breach incidents, where as electronic medical records were involved in just 4 out of 400 incidents. Desktop computers were involved in 68 breaches out of which 47 were targeted attacks.
Another significant fact noted in the analysis is that data theft continues to be the leading cause of breaches, with 217 incidents involving theft of data, out of which 196 incidents were solely attributed to stolen data. Improper disposal of PHI was solely responsible for 26 breaches.
These statistics clearly demonstrate the significance of securing data. Data security is not just a one-time goal. It is an ongoing process which requires dedicated attention. That’s why organizations should adopt a security and compliance solution which can greatly simplify this process and guarantee data security at all times. SecureGRC offers this capability. It provides end-to-end security and protects data from the place it originates all the way through to the place it is stored by providing absolute end-point security. SecureGRC can be valuable in averting breaches as it can successfully prevent all the above-mentioned factors contributing to a data breach.