The Protenus Breach Barometer recently released a snapshot of breaches affecting the healthcare industry. In September, Protenus found that there were more breach incidents per month in the second half of 2016 as compared to the first half. The first six months of 2016 averaged 25.3 breaches per month. So far, the second half of 2016 has had an average of 39.3 incidents per month – an increase of over 55%.
Protenus found that 41% of September incidents were insider incidents, of which seven were incidental while the majority (8 incidents) were due to wrongdoing. The numbers show that 32% of breaches involved hacking, ransomware, and other malware incidents. Protenus estimates that the hacking incidents resulted in the breach of at least 154,814 records. The remainder of breaches were due to unknown reasons (22%) or loss/theft (5%).
Of the September incidents reported, 33 incidents involved healthcare providers (91.7% of reporting entities). This is followed by two incidents reported by health plans and one incident reported by a Business Associate/vendor. Protenus pointed out that 19 incidents involved paper records with several having to do with insider wrongdoing and/or theft.