120M Affected by Health Data Breaches Since 2009, More Expected
March 23, 2015 in News
Industry experts expect the number of health data breaches to increase in 2015.
Data Breach Details
According to “The Switch,” the HHS data might “double-count” some of the individuals who had their health information breached in several incidents, but the data show that a “staggering” number of individuals have been affected by cyberattacks. In addition, the HHS data do not include the more than 11 million individuals affected by a recent Premera Blue Cross cyberattack, “The Switch” reports.
Meanwhile, the data review found that the recent hack of Anthem’s database, which affected nearly 80 million people, more than doubled the number of individuals affected by health industry-related breaches since 2009.
According to Dave Kennedy, CEO of TrustedSEC, health organizations are increasingly becoming cyberattack targets because they:
- House data that have significant value on the black market; and
- Often lack sophisticated security measures when compared with other industries.
Kennedy said, “We’re probably going to see a lot more of these happening in the coming few months.”
Meanwhile, Rachel Seeger, an HHS Office for Civil Rights spokesperson, said, “Health care organizations need to make data security central to how they manage their information systems and to be vigilant in assessing and addressing the risks to data on a regular basis.” She added that such organizations need to be ready to “identify and respond appropriately to security incidents when they do happen to mitigate harm to affected individuals and prevent future similar incidents from occurring.”
Meanwhile, Deborah Peel — executive director of Patient Privacy Rights — said, “We have systems that are engineered as though this data is not sensitive and valuable.” She noted that “HIPAA required security be addressed, but it wasn’t spelled … out exactly how, so there was no culture of using ironclad security” (Peterson, “The Switch,” Washington Post, 3/20).