2015 Healthcare Industry in Review: Large-Scale Data Breaches Cause 98 Percent of Leaked Health Records

Unfortunately, for medical organizations and their patients, the healthcare industry was in the news a great deal in 2015. Large-scale data breaches potentially exposed millions upon millions of patient health records to fraudsters and put individuals at higher risk of becoming victims of identity theft. By reviewing the nature of the breaches that occurred in 2015, organizations are able to spot areas of weakness in their security procedures so they can be strengthened moving forward.

To accomplish this, it is important to understand why fraudsters target healthcare organizations, and measure the effectiveness of identity verification systems to ensure that patient health data remains secure.

The Nature of Healthcare Data Breaches

According to the Office of Civil Rights (OCR) and as reported on by Forbes, there were 253 healthcare breaches that affected 500 individuals or more, with a combined loss of over 112 million records in 2015. Even more worrisome is that the top 10 data breaches last year accounted for more than 111 million records lost, stolen or inappropriately disclosed.

In addition, the top six breaches affected at least one million individuals and occurred at large-scale health organizations. These large-scale breaches caused 98 percent of leaked health records last year. Nine out of the top 10 breaches (in terms of number of affected individuals) were reported as hacking/IT incidents, meaning that holes in security and infrastructure resulted in the exposure of medical records to fraudsters.

With new EMV regulations now in effect for the financial and payments industries, credit card data will likely drop in value on the black market and Dark Web. EMV Chip cards will make it more difficult for criminals to utilize stolen card information and they will most likely instead turn to health records for data that can lead them to assume identities in order to commit fraud. As a result, the healthcare industry can expect more attacks on their systems, especially since healthcare organizations have historically not spent as much on data security investments as other industries.

What Makes Healthcare Records Valuable?

Fraudsters target healthcare organizations for more than just the reason that security hasn’t been as tight as in financial institutions. Unlike credit card numbers, health records contain information that cannot be erased and issued again. Instead of racing the clock to be able to use a stolen credit card number before a victim notifies the card issuer, health records have more longevity on the black market.

Due to the increased availability of information contained within health records, doctors and insurance professionals rely on real-time communication in order to provide the best care for individuals. However, security experts estimate that one in three Americans were affected in a large-scale data breach last year and the threat remains for more attacks going into 2016 and beyond.

Utilizing a layered identity verification and fraud controls are one area of data security that healthcare organizations must invest in to be able to keep fraudsters at bay and patient information safe. Learn more about how verification solutions benefit healthcare organizations by contacting the experts at IDology today at (866) 520-1234.

IN THE NEWS

5 LESSONS ABOUT CONSUMER IDENTITY IN THE MOBILE ERA

By Michael Moseser for PaymentsSource

June 12, 2019

NEW RESEARCH

study cover image

SECOND ANNUAL CONSUMER DIGITAL IDENTITY STUDY