Health data breaches triggered by hacking attacks spiked by 320% in 2016 and ransomware became widespread, according to a report by a health IT cybersecurity firm.
Released the week before HIMSS 2017, the report from CynergisTek, Inc. division Redspin, said that 81% of the health data breaches were caused by hacker attacks specifically, rather than other lost or physically stolen records.
Cybersecurity of health data is expected to be a major topic at the 2017 conference and exhibition of the Healthcare Information Management Systems Society in Orlando.
(CynergisTek was acquired in 2016 by document management company Auxilio, and Redspin, a HIPAA risk assessment and penetration risk company previously acquired by Auxilio, became part of CynergisTek’s portfolio.)
The report also noted that 2016 was the first year that a hospital had been victimized by ransomware by paying a ransom to unlock its data network, and that many smaller hospitals and clinics were hit by hackers causing health data breaches, in addition to several major healthcare systems.
“Healthcare providers have become the primary targets of malicious hackers, and their attacks are becoming increasingly sophisticated and disruptive to operations,” said Dan Berger, Vice President at CynergisTek, said in a release.
Key findings of the report:
- There were 325 large health data breaches, compromising the protected health information (PHI) of 16,612,985 individual patients.
- The year’s single largest incident involved the health data breach of 3,620,000 patient records.
- Some 40% of large health data breaches involved unauthorized access or disclosure of the records.
Incidentally, SearchHealthIT will be interviewing CynergisTek CEO and co-founder Mac McMillan at HIMSS 2017 and will be sure to ask him about what health system CIOs can do to combat the hacker scourge.