New study confirms healthcare is an easy target for cybercriminals

Posted: Jun 06, 2016
Share This:


The Sixth Annual Benchmark Study on Privacy and Security of Healthcare Data from Ponemon Institute reveals the leading cause of data breaches for hospitals and medical providers for the second consecutive year is cybercrime. Despite experiencing multiple data breaches of this nature, the majority of healthcare organizations are lacking the resources to effectively manage and recover from security threats.

Here are five key takeaways from this year’s study.

1) Majority of healthcare organizations experience a breach

In the last 24 months, 89 percent of healthcare organizations have experienced at least one data breach involving loss or theft of patient data. A deeper dive into the data reveals that 45 percent had more than five breaches in total. For business associates, the data tells a similar tale; 61 percent have experienced at least one breach involving the loss or theft of patient data, 28 percent have had more than two.

2) Healthcare industry aware of its vulnerable status

The majority of healthcare organizations (69 percent) believe their sector is more vulnerable to a data breach than any other industry. Inadequate vigilance in ensuring third party service providers are securely managing their sensitive data is the most cited reason (51 percent) for this belief.

3) Healthcare data breaches are expensive

Data breaches are costing the healthcare industry a phenomenal $6.2 billion. For healthcare organizations, the costs are estimated to be $2.2 million, for business associates, costs are more than $1 million.

Despite the increasing number of breaches, the study reveals that the majority of organizations are lacking in funds and resources to manage the data breaches caused by cyber threats, preventable mistakes, and other dangers.

4) Breaches stem from internal and external sources

External cybercriminal attacks are the leading cause of data breaches in the healthcare sector, accounting for 50 percent of all breaches. This is an increase of 5 percent compared to 2015, and more than 30 percent compared to the first Pomonon survey of 2011.  

5) Things are set to improve

When asked how recent medical data breaches have influenced security practices, 61 percent of healthcare organizations claim they are now paying more attention to the types of data safeguards put in place by their third-party partners.

With very little uplift from last year’s survey, the landscape remains bleak for the healthcare sector. In many cases, the situation has only worsened. Larry Ponemon, Chairman and Founder of Ponemon Institute comments “The healthcare industry is viewed as a soft target. It’s a perfect storm for insecurity, and an opportunity for cyber criminals”.

Read the study in full here.