REPORT: The Growing Risk of Patient Data Breaches

The WannaCry Ransomware attack wreaked havoc on organizations worldwide. This attack impacted more than 300,000 computers in 150 countries.

While WannaCry is the latest headline-making attack, cybercrime is a continuous and growing threat. Cybercrime costs the U.S. an estimated $108 billion per year, according to a 2015 study by the Allianz Group.

Healthcare is a Major Target

Healthcare is the number one most targeted industry for cybercrime, according to the 2016 IBM X-Force Cyber Security Intelligence Index, as reported by Forbes.

The Department of Health and Human Services (HHS) has been tracking patient record data breaches since 2009. The increase of exposed records since that time is staggering. The number of reported patient records breached in 2009 was 134,773. That number jumped to 16,665,952 in 2016. Yet, HHS’ data offers just a glimpse of the problem since it only requires reporting of breaches involving more than 500 patient records.

Source: Department of Health and Human Services
Based on reported breaches of 500 patient records or more.

Risk and Cost Grows

According to a Forbes report, cybercrime quadrupled from 2013 to 2015. Security experts predict it will grow at the same rate between 2015 and 2019. The cost of these attacks will continue to rise as well – an estimated $2.1 trillion worldwide by 2019.

Today, the rise in cyberattacks on healthcare providers costs the U.S. health system an estimated $6 billion per year. In fact, the cost to resolve a data breach is higher for the healthcare sector than for other industries. The Ponemon Institute’s 2016 Cost of Data Breach Study found that a data breach costs, on average, $402 per record in the healthcare industry, compared to $264 for financial institutions and $200 for retailers.

The Ponemon study also found that almost 90% of all healthcare providers experienced some type of data breach between 2014 and 2016. Furthermore, studies have shown that it takes on average 90 days for an organization to discover its system has been hacked. Yet, half of the healthcare organizations surveyed did not have the appropriate technology or IT staff expertise to prevent or detect a breach.

QualDerm supports our affiliated dermatology practices from both the headquarters and regional levels. Our IT staff provides in-house support to help our affiliated practices with IT and EMR issues.

Learn more about how being part of a larger, support-driven organization can benefit your dermatology practice. Contact QualDerm to find out about partnership opportunities or to discuss selling your practice.