142 reported data breaches, impacting 3.14 million patients, were executed against the healthcare sector during the second quarter (April – June) of 2018, three times the number reported in the first part of the year. In fact, July alone saw breaches affect more than 860k patients, making it the worst month for breaches so far this year. And with an average cost of $408 per patient records, eventual damages from July alone may total into the hundreds of millions.
The reasons for these breaches include: Improper Disposal, Hacking/IT Incidents, Unauthorized Access and/or Disclosure, and Theft/Loss, with Improper Disposal and Hacking /IT Incidents accounting for more than two thirds of patient records being compromised. To further complicate this issue, approximately 30% of the reported breaches were the result of repeat offenders from within the affected organizations.
If an individual healthcare employee breaches patient privacy once, there is a greater than 30 percent chance that they will do so again in three months’ time, and a greater than 66 percent chance they will do so again in a years’ time.
- Q2 2018 Protenus Breach Barometer
Of the different types of hacking and breaches reported, which also included enough information to properly classify the threats, phishing incidents accounted for the majority of incidents, followed closely by ransomware and malware. Despite the threat however, studies show that regular and continuous phishing training and education, including the use of simulated attacks, can reduce breaches from within organizations to just 2%.
Click here to download the full Protenus Breach Barometer report. For more information on creating a phishing education and training program for your organization, contact us today: info@ryskgroup.com or (866) 797-5699.