Healthcare in the Cross Hairs: Insider Threat

The healthcare industry has been in the sights of hackers for some time. But a recent survey found that the biggest threat in the sector comes from within.

Verizon has just released its Protected Health Information Data Breach Report and found that 58% of healthcare data security incidents came from insiders, a number higher than in any other industry. The study is based on an analysis of almost 1400 incidents during 2016-2017 in 27 countries. Almost 75% of the incidents occurred in the U.S.

The sample set was confined to medical records containing patient information.

“The healthcare industry relies on the timely and up-to-date accessibility of highly regulated data to a large percentage of employees,” said the report. “The ability to access information quickly to allow a team of care providers to make point-of-care decisions is vital.”

Looking more closely at the study, the insider’s motive wasn’t always nefarious. Human error accounted for more than 50% of the incidents involving an insider. Other key findings:

• Healthcare databases and paper documents are most often the target for hackers;
• Ransomware is the “top malware variety by a wide margin,” accounting for 70% of incidents involving malicious code; and
• Basic cybersecurity hygiene is “still not being implemented” in the healthcare sector as lost and stolen laptops with unencrypted healthcare information continue to be cause for concern.

The study also focused on how long it took for healthcare organizations to discover that there had been a data security issue. 

“The elephant in the figures is the number of incidents where the discovery was measured in months or years,” said the report.  In more than 50% of the incidents surveyed by Verizon, it took either months or years to discover that protected healthcare information had been compromised or exposed.

We’ll continue to follow developments in this sector.