Report: 58% healthcare cybersecurity breaches involve insiders; 27% result from paper records

According to the 2018 Protected Health Information Data Breach Report (PHIDBR) from Verizon, cybersecurity in healthcare falls behind other industries in being able to protect personal information.

The report, which included the evaluation of 1,368 cybersecurity incidents from 27 countries, delves into the cybersecurity of healthcare following the Data Breach Investigations Report (DBIR). The PHIDBR includes findings on what cased cybersecurity incidents, what types of incidents are most common, and solutions to improving the privacy and security of patient data.

Findings included:

  • 21 percent of cybersecurity incidents occurred because of stolen laptops that contained unencrypted patient data.
  • 70 percent of cybersecurity incidents with malicious code were classified as ransomware attacks.
  • 58 percent of cybersecurity incidents in healthcare involved insiders. Insiders were found to endanger data for financial gain (48 percent), fun or curiosity in reading personal records (31 percent) and¬†convenience (10 percent).
  • 27 percent of security incidents involved patient health information on paper records. Breaches of patient information from paper records are more prevalent in the healthcare sector. The main causes included sensitive data not being delivered correctly (20 percent), thrown away without shredding (15 percent) and lost paper documents (8 percent).

Solutions to improving cybersecurity included:

  • Full encryption: These services are effective and low-cost ways of protecting patient data.
  • Continuous monitoring of who has access to records: Cybersecurity polices should be required to the monitoring of patient health record access. Training employees and adopting warning banners could reduce incidents causes by internal factors.
  • Develop preventative measures: Adopting measures to combat ransomware attacks and malware would prevent devices from being hacked and patient health records from being accessed.