Q4 2019 Healthcare Data Breaches
In Q4 2019, there was a slight reduction in the number of health data breaches when compared to Q3 2019 with 119 to 131. This still accounts for a pace of over one per day. Of the 119 in the quarter, hacking/IT Incident was almost half of the breaches, coming in at 48.7%. Unlike in Q3 2019, there were no large breaches. The single largest breach affected 152,000 individuals. For the quarter, over 1.5M individuals were affected by a data breach, which when compared to Q3 is a 94% reduction.
A recent survey has highlighted the cost of healthcare industry data breaches, the extent to which the healthcare industry is under attack, and how often those attacks succeed.
The survey was conducted by Black Book Market Research on 2,876 security professionals at 733 provider organizations between Q4, 2018 and Q3, 2019. Respondents were asked their views on cybersecurity to identify vulnerabilities and security gaps and determine why so many of these cyberattacks are succeeding.
96% of surveyed IT professionals believed that cybercriminals are outpacing medical enterprises, which is no surprise given that 93% of healthcare organizations reported having experienced a data breach since Q3, 2016. According to the report, 57% of organizations had experienced more than five data breaches during that time period. More than half of the data breaches reported by healthcare organizations were the result of hacks and other attacks by external threat actors.
As required by section 13402(e)(4) of the HITECH Act, the Secretary must post a list of breaches of unsecured protected health information affecting 500 or more individuals. The infographic to the left illustrates the statistics from Q4 2019 of all healthcare-related data breaches. 2019 set another record for HIPAA enforcement.
Optimum Healthcare IT has in-depth experience helping healthcare organizations address their security and compliance needs. We offer a wide range of services, from strategy development to implementation of technology and processes to minimize risks. Our clients include large healthcare systems, community hospitals, and healthcare technology providers who need to ensure that their information technology platforms remain secure and meet regulatory requirements.
In the coming weeks, we will be publishing a complete view of 2019. Check back soon!
