Insider error incidents made up majority of breached records in October

Frank
December 14, 2018
20 Views

cybersecurity, lock, digital, cyberattack

The latest Protenus Breach Barometer report — which includes data compiled by DataBreaches.net — found that insider error incidents continue to be a problem in the world of healthcare cybersecurity.

In the month of October, there were 37 total breach incidents reported to HHS or disclosed to the media, meaning the “at least one breach per day” trend appears to be a constant in 2017.

The report includes statistics for 29 of those incidents, which impacted 246,246 patient records. This number is down from 499,144 records impacted in September, and significantly lower than the 1.5 million records breached in March.

There were various culprits behind the incidents in October.

Hacking accounted for 13 of the 37 incidents. Of the 10 that Protenus has numbers for, 56,837 patient records were affected.

Insiders were responsible for fewer incidents (only 11). But insider error events alone made up about 65 percent of all 246,246 breached patient records.

One notable insider error incident impacted 6,231 patient records. Amida Care, a nonprofit community health plan based in New York City, sent flyers to patients about the chance to participate in an HIV research project. As it turns out, the words “Your HIV detecta” may have been visible through some envelopes.

“Organizations need to ensure that they are putting proper measures in place and providing appropriate employee training in order to minimize the potential for these types of incidents to occur,” the Breach Barometer reads in regard to insider error incidents.

Despite being in the age of technology, there were four incidents of physical theft in October. These impacted 16,533 records. There were also two incidents in which patient records were lost or went missing, affecting 3,994 total records.

Twenty-nine of the 37 October breaches involved a healthcare provider, while seven included a health plan and one involved a school.

Of the incidents in October, it took an average of 448 days for a healthcare organization to sniff out a data breach. In one case, it took more than three years to uncover a breach. An employee defrauded Illinois of nearly $1 million by incorrectly claiming she was providing speech therapy services even after she left the company.

Though more than three years may seem like a long amount of time, it’s nothing compared to Tewksbury Hospital, which took 14 years to discover a data breach.

Additionally, it took an average of 175 days from when a breach was discovered to when it was reported to HHS or the media. The median amount of time to report was 59 days, which falls within HHS’ 60-day reporting window.

Photo: mattjeacock, Getty Images

Join us for 2019’s Digital Medicine & Medtech Showcase in San Francisco, January 7–9.

Digital healthcare investments are benefiting from the surfeit of cash that is lifting the biotech sector and, in fact, all industries in 2018. Learn more by downloading the report.

Frank’s source: https://medcitynews.com/2017/11/insider-error-incidents/

 

You may be interested

Drones Help Bring Back Electricity in Puerto Rico
About Auto
0 shares1 views
About Auto
0 shares1 views

Drones Help Bring Back Electricity in Puerto Rico

Frank - Apr 20, 2019

Commercial drones are pretty lazy. Think about it: They spend most of their time taking photos and videos, inspecting equipment…

Samsung’s Galaxy S9 Is Photo-Focused and Purple as Heck
About Tech
0 shares0 views
About Tech
0 shares0 views

Samsung’s Galaxy S9 Is Photo-Focused and Purple as Heck

Frank - Apr 20, 2019

Eager to put the Galaxy Note 7 disaster in the rearview, Samsung used 2017 to double down on impressive, feature-packed…

Healthcare executives voice their top IT priorities for 2018
About Health
0 shares2 views
About Health
0 shares2 views

Healthcare executives voice their top IT priorities for 2018

Frank - Apr 20, 2019

A new survey out of the Center for Connected Medicine and the Health Management Academy examines which technologies healthcare executives plan…

Leave a Comment

Your email address will not be published.

one × one =