Thought Leadership

Study: Criminal Attacks are the No. 1 Cause of Data Breach in Healthcare

Criminals are going after information on the computer systems of healthcare payers and providers at an unprecedented rate, according to a new report from the Ponemon Institute, a research center that focuses on privacy, data protection, and information security.

Since 2010, criminal theft of data from computers and servers operated by healthcare organizations has shot up 125 percent 2010 and is now the No. 1 cause of healthcare data breaches. The information was reported in Ponemon’s “Fifth Annual Benchmark Study on Privacy and Security of Healthcare Data.”

Ponemon says that data breaches take an annual toll of $6 billion on the healthcare industry. The average economic impact per healthcare organization is $2,134,800.

Ponemon defines a criminal attack as a “deliberate attempt to gain unauthorized access to sensitive information, usually to a computer system or network, resulting in compromised data.” Breaches can result from cyber-attacks and theft of paper files or other criminal activity by people within the healthcare organization.

Because of the sensitive information they contain, medical files and billing and insurance records are top targets of criminals.

“We are seeing a shift in the causes of data breaches in the healthcare industry, with a significant increase in criminal attacks. While employee negligence and lost/stolen devices continue to be primary causes of data breaches, criminal attacks are now the number-one cause,” said Ponemon Institute chairman and Founder Dr. Larry Ponemon. “Since first conducting this study, healthcare providers are starting to make investments to protect patient information, which needs to keep pace with the growing cyber threats.”

Other key findings of the study include:

Celebrating 30 Years of Exceptional Service