• Resources
  • Blog
  • Journalists
  • Log In
  • Sign Up
  • Data Privacy
  • Send a Release
Cision PR Newswire: news distribution, targeting and monitoring home
  • News
  • Products
    • Overview
    • Distribution by PR Newswire
    • Cision Communications Cloud®
    • Cision IR
    • Sponsored Placement
    • All Products
  • Contact
    • General Inquiries
    • Request a Demo
    • Editorial Bureaus
    • Partnerships
    • Media Inquiries
    • Worldwide Offices

 

When typing in this field, a list of search results will appear and be automatically updated as you type.

Searching for your content...

No results found. Please change your search terms and try again.
  • News in Focus
      • Browse News Releases

      • All News Releases
      • All Public Company
      • English-only
      • News Releases Overview

      • Multimedia Gallery

      • All Multimedia
      • All Photos
      • All Videos
      • Multimedia Gallery Overview

      • Trending Topics

      • All Trending Topics
  • Business & Money
      • Auto & Transportation

      • All Automotive & Transportation
      • Aerospace, Defense
      • Air Freight
      • Airlines & Aviation
      • Automotive
      • Maritime & Shipbuilding
      • Railroads and Intermodal Transportation
      • Supply Chain/Logistics
      • Transportation, Trucking & Railroad
      • Travel
      • Trucking and Road Transportation
      • Auto & Transportation Overview

      • View All Auto & Transportation

      • Business Technology

      • All Business Technology
      • Blockchain
      • Broadcast Tech
      • Computer & Electronics
      • Computer Hardware
      • Computer Software
      • Data Analytics
      • Electronic Commerce
      • Electronic Components
      • Electronic Design Automation
      • Financial Technology
      • High Tech Security
      • Internet Technology
      • Nanotechnology
      • Networks
      • Peripherals
      • Semiconductors
      • Business Technology Overview

      • View All Business Technology

      • Entertain­ment & Media

      • All Entertain­ment & Media
      • Advertising
      • Art
      • Books
      • Entertainment
      • Film and Motion Picture
      • Magazines
      • Music
      • Publishing & Information Services
      • Radio & Podcast
      • Television
      • Entertain­ment & Media Overview

      • View All Entertain­ment & Media

      • Financial Services & Investing

      • All Financial Services & Investing
      • Accounting News & Issues
      • Acquisitions, Mergers and Takeovers
      • Banking & Financial Services
      • Bankruptcy
      • Bond & Stock Ratings
      • Conference Call Announcements
      • Contracts
      • Cryptocurrency
      • Dividends
      • Earnings
      • Earnings Forecasts & Projections
      • Financing Agreements
      • Insurance
      • Investments Opinions
      • Joint Ventures
      • Mutual Funds
      • Private Placement
      • Real Estate
      • Restructuring & Recapitalization
      • Sales Reports
      • Shareholder Activism
      • Shareholder Meetings
      • Stock Offering
      • Stock Split
      • Venture Capital
      • Financial Services & Investing Overview

      • View All Financial Services & Investing

      • General Business

      • All General Business
      • Awards
      • Commercial Real Estate
      • Corporate Expansion
      • Earnings
      • Environmental, Social and Governance (ESG)
      • Human Resource & Workforce Management
      • Licensing
      • New Products & Services
      • Obituaries
      • Outsourcing Businesses
      • Overseas Real Estate (non-US)
      • Personnel Announcements
      • Real Estate Transactions
      • Residential Real Estate
      • Small Business Services
      • Socially Responsible Investing
      • Surveys, Polls and Research
      • Trade Show News
      • General Business Overview

      • View All General Business

  • Science & Tech
      • Consumer Technology

      • All Consumer Technology
      • Artificial Intelligence
      • Blockchain
      • Cloud Computing/Internet of Things
      • Computer Electronics
      • Computer Hardware
      • Computer Software
      • Consumer Electronics
      • Cryptocurrency
      • Data Analytics
      • Electronic Commerce
      • Electronic Gaming
      • Financial Technology
      • Mobile Entertainment
      • Multimedia & Internet
      • Peripherals
      • Social Media
      • STEM (Science, Tech, Engineering, Math)
      • Supply Chain/Logistics
      • Wireless Communications
      • Consumer Technology Overview

      • View All Consumer Technology

      • Energy & Natural Resources

      • All Energy
      • Alternative Energies
      • Chemical
      • Electrical Utilities
      • Gas
      • General Manufacturing
      • Mining
      • Mining & Metals
      • Oil & Energy
      • Oil and Gas Discoveries
      • Utilities
      • Water Utilities
      • Energy & Natural Resources Overview

      • View All Energy & Natural Resources

      • Environ­ment

      • All Environ­ment
      • Conservation & Recycling
      • Environmental Issues
      • Environmental Policy
      • Environmental Products & Services
      • Green Technology
      • Natural Disasters
      • Environ­ment Overview

      • View All Environ­ment

      • Heavy Industry & Manufacturing

      • All Heavy Industry & Manufacturing
      • Aerospace & Defense
      • Agriculture
      • Chemical
      • Construction & Building
      • General Manufacturing
      • HVAC (Heating, Ventilation and Air-Conditioning)
      • Machinery
      • Machine Tools, Metalworking and Metallurgy
      • Mining
      • Mining & Metals
      • Paper, Forest Products & Containers
      • Precious Metals
      • Textiles
      • Tobacco
      • Heavy Industry & Manufacturing Overview

      • View All Heavy Industry & Manufacturing

      • Telecomm­unications

      • All Telecomm­unications
      • Carriers and Services
      • Mobile Entertainment
      • Networks
      • Peripherals
      • Telecommunications Equipment
      • Telecommunications Industry
      • VoIP (Voice over Internet Protocol)
      • Wireless Communications
      • Telecomm­unications Overview

      • View All Telecomm­unications

  • Lifestyle & Health
      • Consumer Products & Retail

      • All Consumer Products & Retail
      • Animals & Pets
      • Beers, Wines and Spirits
      • Beverages
      • Bridal Services
      • Cannabis
      • Cosmetics and Personal Care
      • Fashion
      • Food & Beverages
      • Furniture and Furnishings
      • Home Improvement
      • Household, Consumer & Cosmetics
      • Household Products
      • Jewelry
      • Non-Alcoholic Beverages
      • Office Products
      • Organic Food
      • Product Recalls
      • Restaurants
      • Retail
      • Supermarkets
      • Toys
      • Consumer Products & Retail Overview

      • View All Consumer Products & Retail

      • Entertain­ment & Media

      • All Entertain­ment & Media
      • Advertising
      • Art
      • Books
      • Entertainment
      • Film and Motion Picture
      • Magazines
      • Music
      • Publishing & Information Services
      • Radio & Podcast
      • Television
      • Entertain­ment & Media Overview

      • View All Entertain­ment & Media

      • Health

      • All Health
      • Biometrics
      • Biotechnology
      • Clinical Trials & Medical Discoveries
      • Dentistry
      • FDA Approval
      • Fitness/Wellness
      • Health Care & Hospitals
      • Health Insurance
      • Infection Control
      • International Medical Approval
      • Medical Equipment
      • Medical Pharmaceuticals
      • Mental Health
      • Pharmaceuticals
      • Supplementary Medicine
      • Health Overview

      • View All Health

      • Sports

      • All Sports
      • General Sports
      • Outdoors, Camping & Hiking
      • Sporting Events
      • Sports Equipment & Accessories
      • Sports Overview

      • View All Sports

      • Travel

      • All Travel
      • Amusement Parks and Tourist Attractions
      • Gambling & Casinos
      • Hotels and Resorts
      • Leisure & Tourism
      • Outdoors, Camping & Hiking
      • Passenger Aviation
      • Travel Industry
      • Travel Overview

      • View All Travel

  • Policy & Public Interest
      • Policy & Public Interest

      • All Policy & Public Interest
      • Advocacy Group Opinion
      • Animal Welfare
      • Congressional & Presidential Campaigns
      • Corporate Social Responsibility
      • Domestic Policy
      • Economic News, Trends, Analysis
      • Education
      • Environmental
      • European Government
      • FDA Approval
      • Federal and State Legislation
      • Federal Executive Branch & Agency
      • Foreign Policy & International Affairs
      • Homeland Security
      • Labor & Union
      • Legal Issues
      • Natural Disasters
      • Not For Profit
      • Patent Law
      • Public Safety
      • Trade Policy
      • U.S. State Policy
      • Policy & Public Interest Overview

      • View All Policy & Public Interest

  • People & Culture
      • People & Culture

      • All People & Culture
      • Aboriginal, First Nations & Native American
      • African American
      • Asian American
      • Children
      • Diversity, Equity & Inclusion
      • Hispanic
      • Lesbian, Gay & Bisexual
      • Men's Interest
      • People with Disabilities
      • Religion
      • Senior Citizens
      • Veterans
      • Women
      • People & Culture Overview

      • View All People & Culture

      • In-Language News

      • español
      • português
      • Česko
      • Danmark
      • Deutschland
      • España
      • France
      • Italia
      • Nederland
      • Norge
      • Polska
      • Portugal
      • Россия
      • Slovensko
      • Suomi
      • Sverige
  • Overview
  • Distribution by PR Newswire
  • Cision Communications Cloud®
  • Cision IR
  • Sponsored Placement
  • All Products
  • General Inquiries
  • Request a Demo
  • Editorial Bureaus
  • Partnerships
  • Media Inquiries
  • Worldwide Offices
  • PR Newswire: news distribution, targeting and monitoring
  • Send a Release
    • ALL CONTACT INFO
    • Contact Us

      888-776-0942
      from 8 AM - 10 PM ET

  • Send a Release
  • Sign Up
  • Log In
  • Resources
  • Blog
  • Journalists
  • RSS
  • GDPR
  • News in Focus
    • Browse All News
    • Multimedia Gallery
    • Trending Topics
  • Business & Money
    • Auto & Transportation
    • Business Technology
    • Entertain­ment & Media
    • Financial Services & Investing
    • General Business
  • Science & Tech
    • Consumer Technology
    • Energy & Natural Resources
    • Environ­ment
    • Heavy Industry & Manufacturing
    • Telecomm­unications
  • Lifestyle & Health
    • Consumer Products & Retail
    • Entertain­ment & Media
    • Health
    • Sports
    • Travel
  • Policy & Public Interest
  • People & Culture
    • People & Culture
  • Send a Release
  • Sign Up
  • Log In
  • Resources
  • Blog
  • Journalists
  • RSS
  • GDPR
  • Overview
  • Distribution by PR Newswire
  • Cision Communications Cloud®
  • Cision IR
  • All Products
  • Send a Release
  • Sign Up
  • Log In
  • Resources
  • Blog
  • Journalists
  • RSS
  • GDPR
  • General Inquiries
  • Request a Demo
  • Editorial Bureaus
  • Partnerships
  • Media Inquiries
  • Worldwide Offices
  • Send a Release
  • Sign Up
  • Log In
  • Resources
  • Blog
  • Journalists
  • RSS
  • GDPR

Healthcare Under Attack: 89 Percent of Organizations Experienced Data Breaches, According to New Ponemon Study

Criminal Attacks Cause 50 Percent of Breaches, Exposing Patient Data; Ransomware Is Newest Cyber Threat for 2016


News provided by

ID Experts

May 12, 2016, 09:00 ET

Share this article

Share this article


TRAVERSE CITY, Mich. and PORTLAND, Ore., May 12, 2016 /PRNewswire/ -- It's a turbulent time for the healthcare industry: patient data is under siege and hospitals are big targets for cyber attacks—according to the Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data, conducted by Ponemon Institute and sponsored by ID Experts®. For the second year in a row, the study reveals that criminal attacks are the leading cause of data breaches in healthcare—up five percent to 50 percent this year. Mistakes—unintentional employee actions, third-party snafus, and stolen computer devices—are cited as the root cause of the other half of data breaches. The findings indicate that many healthcare organizations and their third parties (business associates or BAs) are negligent in the handling of sensitive patient information. They also lack the budget, people resources, and expertise to manage data breaches caused by employee negligence and evolving cyber threats, including the newest threat cited for 2016: ransomware. To learn more about the Sixth Annual Study on Privacy & Security of Healthcare Data, visit http://www2.idexpertscorp.com/ponemon2016 for a free copy.

Six Years Later:  Data Breaches in Healthcare Are Not Declining
Data breaches in healthcare are costing the industry $6.2 billion, and remain consistently high in terms of volume, frequency, impact, and cost—and have yet to decline since 2010—despite a slight increase in awareness and spending on security technology. While recent large healthcare data breaches have heightened the industry's awareness of the growing threats to patient data and have led to an improvement in security practices and policy implementation, respondents say that not enough is being done to curtail or minimize the risks. Nearly half of healthcare organizations, and more than half of BAs, have little or no confidence that they can detect all patient data loss or theft.

"In the last six years of conducting this study, it's clear that efforts to safeguard patient data are not improving. More healthcare organizations are experiencing data breaches now than six years ago," said Dr. Larry Ponemon, chairman and founder, Ponemon Institute. "Negligence—sloppy employee mistakes and unsecured devices—was a noted problem in the first years of this research and it continues. New cyber threats, such as ransomware, are exacerbating the problem."  

The Healthcare Industry: Vulnerable, Little Accountability
"This is about real people and the exposure of their sensitive information," said Rick Kam, CIPP/US president and co-founder of ID Experts. "The lack of accountability is a big issue in the healthcare industry, with a lot of finger pointing going on. To get a better handle on internal data threats, healthcare organizations can start by getting back to basics with employee training, mobile device policies, regular data risk assessments, and enforceable internal procedures."

Key Findings of the Research

  • Data breaches in healthcare remain consistently high in terms of volume, frequency, impact, and cost. Healthcare organizations are experiencing a greater volume and frequency of data breaches; suffering multiple data breaches each. Eighty-nine percent of healthcare organizations and 60 percent of BAs experienced data breaches over the past two years. Seventy-nine percent of healthcare organizations experienced multiple data breaches (two or more) in the past two years—up 20 percent since 2010. More than one-third, or 34 percent, of healthcare organizations experienced two to five breaches. Nearly half of healthcare organizations, or 45 percent, had more than five breaches. Medical records are the most commonly exposed data, followed by billing and insurance records, and payment details. While the majority of breaches are small (under 500 records) and are not reported to the U.S. Department of Health and Human Services (HHS) and the media, the financial impact is significant. The total economic impact of data breaches is $6.2 billion to the healthcare industry.
  • Newest cyber threat for 2016: ransomware. Criminal attacks are up in 2016 and are, once again, the leading cause of data breach among healthcare organizations, causing half of all data breaches and causing 41 percent of data breaches among BAs. Mistakes cause the other half of data breaches in healthcare. Based on the research, mistakes are classified as third-party snafus, stolen computing devices, and unintentional employee actions. The most concerning cyber threats among the healthcare industry are ransomware, malware, and DoS attacks. DoS attacks have been around a long time but continue to be prevalent. Ransomware is the newest cyber threat and concern for 2016. The study found that other top concerns to patient data are employee negligence, mobile device insecurity, use of cloud services, malicious insiders, and a growing concern about mobile apps (eHealth)—up from six percent in 2015 to 19 percent this year.
  • Healthcare industry is more vulnerable to data breach than other industries. Healthcare organizations believe they are more vulnerable to data breaches than other industries. Healthcare organizations have massive amounts of valuable data and often lack a strong security infrastructure and sense of accountability. Additionally, there are lots of "data touch" points, including multiple employees and third parties. The findings indicate that employees at healthcare organizations and their BAs are negligent in the handling of patient information and are not vigilant in protecting that information. Six years after the initial study, healthcare organizations are still stymied by the lack of resources and are not investing in technologies to mitigate a data breach. In fact, 59 percent of healthcare organizations and 60 percent of BAs don't think their organization's security budget is sufficient to curtail or minimize data breaches. The findings also reveal that BAs and healthcare organizations point their fingers at each other. Healthcare organizations say that third parties and partners are not doing enough, and BAs say that healthcare organizations are not investing in technology and employees are negligent.
  • Patients are suffering the effects of data breaches; increased awareness of medical identity theft cases. The research indicates that more healthcare organizations and BAs are aware of medical identity theft cases that have occurred internally since last year's study. Thirty-eight percent of healthcare organizations and 26 percent of BAs are aware of medical identity theft cases affecting their own patients and customers. Healthcare organizations and BAs both agree that patients suffer an increased risk of medical identity theft and financial identity theft if their records are exposed. Despite the known risks, 64 percent of healthcare organizations and 67 percent of BAs don't offer any protection services for victims whose information has been breached. Fifty-eight percent of healthcare organizations and 67 percent of BAs do not have a process in place to correct errors in victims' medical records. Errors in medical records can be detrimental to a patient, putting the patient at risk. Such errors can leave a patient vulnerable to receiving the wrong medical treatment or obtaining the wrong medications. If an identity thief uses a patient's name or health insurance number in order to receive medical care, the patient's health history and record will get mixed with the thief's, potentially causing harm to the patient.

Research Findings Further Discussed in Webinar
Join Dr. Larry Ponemon and Rick Kam to hear highlights of the study via a complimentary webinar, Hackers are Coming After Your Healthcare Data, to be held on May 17, 2016, at 11:00 a.m. PT/2:00 p.m. ET. To register: https://www2.idexpertscorp.com/webinars/hackers-are-coming-after-your-healthcare-data.

About the Study
The Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data  utilized in-depth, field-based research involving interviews with senior-level personnel at healthcare providers and business associates to collect information on the actual data loss and data theft experiences at their organizations. This benchmark research, in contrast to a traditional survey-based approach, enables researchers to collect both the qualitative and quantitative data necessary to understand the current status of the privacy and security of the healthcare data of those who participated in the study.

About Ponemon Institute
Ponemon Institute is dedicated to advancing responsible information and privacy management practices in business and government. To achieve this objective, the Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a variety of industries.

About ID Experts
At ID Experts, we protect millions of consumers with our identity protection software and services and have a 100 percent success record for identity recovery. We are trusted by thousands of organizations to manage cyber and other risks with our data breach response services. We are the largest provider of identity protection products to the federal government. We serve customers in healthcare, government, insurance, financial services, and higher education. ID Experts actively contributes to the cyber risk community through organizations including NHCAA, HCCA, MIFA, and IAPP. Visit www2.idexpertscorp.com/

SOURCE ID Experts

Related Links

http://www2.idexpertscorp.com

Modal title

Contact Cision

  • Cision Distribution 888-776-0942
    from 8 AM - 9 PM ET

  • Chat with an Expert
  • General Inquiries
  • Request a Demo
  • Editorial Bureaus
  • Partnerships
  • Media Inquiries
  • Worldwide Offices

Products

  • Cision Communication Cloud®
  • For Marketers
  • For Public Relations
  • For IR & Compliance
  • For Agency
  • For Small Business
  • All Products

About

  • About PR Newswire
  • About Cision
  • Become a Publishing Partner
  • Become a Channel Partner
  • Careers
  • COVID-19 Resources
  • Accessibility Statement
  • Asia
  • Brazil
  • Canada
  • Czech
  • Denmark
  • Finland
  • France
  • Germany
  • India
  • Israel
  • Italy
  • Mexico
  • Middle East
  • Netherlands
  • Norway
  • Poland
  • Portugal
  • Russia
  • Slovakia
  • Spain
  • Sweden
  • United Kingdom

My Services

  • All New Releases
  • Online Member Center
  • ProfNet

Contact Cision

Products

About

My Services
  • All News Releases
  • Online Member Center
  • ProfNet
Cision Distribution Helpline
888-776-0942
  • Terms of Use
  • Privacy Policy
  • Information Security Policy
  • Site Map
  • RSS
  • Cookie Settings
Copyright © 2022 Cision US Inc.