IBM is calling 2015 the year of the healthcare security breach, noting in a report that five of the eight largest security breaches in the sector occurred in the first half of the year.
Nearly 100 million healthcare records were compromised in those five incidents, according to an article at Security Intelligence.
Of all industries, according to IBM, healthcare ranks as the leading sector for security incidents in the first 10 month of this year, with 34 percent of records compromised. That's compared to the 0.63 percent of healthcare records compromised between January 2011 and December 2014, according to the report.
IBM also put the cost of a lost or stolen healthcare record at as much as $363, 136 percent more than the per-record global average cost of a data breach.
In a study of breaches at 350 various companies in 11 countries, the Ponemon Institute put the cost of a data breach on a company at $3.8 million, an increase of 23 percent from 2013. An analysis of the types of attacks included malicious documents and sites; Shellshock, which attacks Unix- and Linux-based operating systems; brute-force attacks; and older and non-sanctioned applications.
It's essential that healthcare organizations make security a business priority, going beyond regulatory requirements for privacy and security, according to the IBM report.
In addition to costs to healthcare organizations such as forensics and remediation, and the potential for damaged reputation, Moody's recently warned that security preparedness is expected to take a higher priority in institutions' credit analysis. And there's the potential for HIPAA enforcement actions from the Health and Human Services Department's Office of Civil Rights.
To learn more:
- check out the report (.pdf)
- read the Security Intelligence article
- here's the Moody's post