Criminal attacks targeting health care data have increased 125 percent since 2010, making it the leading cause of data breaches, according to Ponemon Institute’s “Fifth Annual Benchmark Study on Privacy & Security of Health Care Data.” A webcast of the report can be found here.
Almost 45 percent of health care data breaches are a result of criminal activity, with “78 percent of health care organizations and 82 percent of business associates, including patient billing, health plans, claims processing and cloud services, [suffering] web-borne malware attacks.” However, only 40 percent of health care companies said that they are concerned about cyber attacks.
Cyber criminals are drawn to the health care industry because it is “an information-rich source of personal, credit and health information, which can be sold quickly and profitably,” said the report. Additionally, the report found that the majority of organizations are not prepared to face current cyber threats and lack the resources necessary to protect patient information.
According to Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, “we are seeing a shift in the causes of data breaches in the health care industry, with a significant increase in criminal attacks. While employee negligence and lost/stolen devices continue to be primary causes of data breaches, criminal attacks are now the number-one cause.”
Small and middle-market organizations are at the greatest risk because they “have limited security and privacy processes, personnel, technology and budgets compared to their larger counterparts,” the report found.