Healthcare News & Insights

Study: Healthcare data breaches on the rise

From 2010 to 2011, data breaches increased 32% in hospitals and healthcare organizations, mainly because of two reasons: 

  • The use of unsecured mobile devices to transmit data, and
  • employee mistakes.

That’s according to the Second Annual Benchmark Study on Patient Privacy & Data Security by the Ponemon Institute. The study surveyed 72 healthcare organizations.

The rise in breaches is happening despite increased compliance with the HITECH Act and HIPAA. Unfortunately, a lot of hospitals and healthcare organizations feel a bit helpless because their security and privacy budgets aren’t sufficient to cover their expenses of training, technology, etc.

And as data breaches rise, so do the costs. This year, a compromised record cost an average of $214, while a data breach event averaged $7.2 million.

Some statistics from the study that’ll interest health executives include:

  • 96% of the organization in the study had at least one data breach in the past 24 months, most of which were due to employee mistakes. On average, respondents had four data breach incidents in the past 24 month.
  • 29% of respondents said in a one-year span of time, a data breach at their organizations led to identity theft.
  • 81% of the facilities surveyed use mobile devices to collect, store and/or transmit some type of protected health information (PHI), and 49% of them admit these devices aren’t protected.
  • The average number of lost/stolen records per breach was 2,575, and
  • Only 29% of respondents said the prevention of unauthorized access and loss/theft of patient data is a priority, but 51% of respondents said they were very familiar with HIPAA/HITECH privacy, security and data breach notification laws and rules.

On the plus side, the study found healthcare organizations are making progress in their efforts to stop data breaches.

Thanks to the requirements of HIPAA and HITECH, facilities have better trained and more knowledgeable staff, as well as better policies in place. As a result, more data breaches are being discovered by employees and audits rather than patients. In fact, discovery of breaches by patients has dropped from 41% to 35%.

Do you feel your facility is on the cutting edge when it comes to policies and procedures in place to protect patients’ PHI? If so, share them in the comments box below.



Subscribe Today

Get the latest and greatest healthcare news and insights delivered to your inbox.