Hospitals are improving their approach to security
As 2018–2019 reports show
Private health proves to be one of the most affected sectors
The Office of the Australian Information Commissioner (OAIC) has prepared a quarterly report which let almost every second Australian citizen acknowledge the fact of facing personal data exposure at least once.
61% of the breaches are claimed to be deliberate whereas 34% are attributed to the human factor/error.
According to the results contact information gets compromised more often than other details, whereas human error is the most common reason for a breach in the health sector.
85% of all Panama citizens have got their data exposed due to the server security issues. Among the unprotected details there were personal records and patient information.
Phishing undermined the privacy of patients’ health information in Oregon which included names, dates of birth, medical record numbers, diagnoses and treatment care details. The source of the exposure appeared to be an employee who opened the message earlier in May.
The hospital is going to inform all the potentially affected patients by an email. It is unknown yet whether the information was copied and misused.
Facts and opinions
Sutter Health, the healthcare company based in California, dealt with almost 87 billion cyberthreats in 2018.
According to the chief privacy and information security officer Jacki Monson, “most organizations with an active cyberattack in their system don’t discover it for 18 months or longer”
Sung Choi, assistant professor at the University of Central Florida department of health management and informatics, claims that “data breaches increase a hospital’s 30-day mortality rate” which he proves with his research.
According to the report made by Protenus in 2018, 503 independent incidents were recorded in which more than 15 million patients’ data pieces were affected. 139 people who appeared to be the source of the breaches were insiders, whereas 45 of them violated the privacy deliberately. Half of the organizations surveyed stated that they don’t perform routine risk assessments.
The Healthcare Dive website points to a significant shift in hospitals’ approach to security — the number of medical centres who reported the recruitment of a senior information security officer sprang from 14% in the past year to 56%.
