Medical Economics
CONTINUE TO SITE

OR WAIT null SECS

  • Formulary WatchFormulary Watch
  • Managed Healthcare ExecutiveManaged Healthcare Executive
  • Medical Economics
  • Physicians PracticePhysicians Practice
Medical Economics
Medical Economics
Spotlight
View MoreCardiovascular Clinical ConsultChronic ConditionsConcierge MedicineCOVID-19Diabetes Awareness MonthExclusive ContentInfluenzaInsulin Therapy in Type 2 DiabetesIntimate Health Solutions to Support Her Through Life’s JourneysPatient RelationsSexual HealthVaccines
News
All News
Careers
Exclusive Content
Industry News
Legal
Money
Opinion
Practice Management
Technology
Media
Around the Practice
Expert Interviews
Medical Economics Pulse
Medical World News
Off The Charts Podcasts
Conferences
Conference Coverage
Conference Listing
Publications
Medical Economics
CME/CE
Resources
Job Board
Sponsored Resources
Subscribe
eNewsletter
Print Subscription
  • Advertise
  • Contact Us
  • Editorial
  • Job Board
  • Terms and Conditions
  • Privacy Policy
  • Do Not Sell My Personal Information

© 2021 MJH Life Sciences and Medical Economics. All rights reserved.

SpotlightSee All >
  • Cardiovascular Clinical Consult
  • Chronic Conditions
  • Concierge Medicine
  • COVID-19
  • Diabetes Awareness Month
  • Exclusive Content
  • Influenza
  • Insulin Therapy in Type 2 Diabetes
  • Intimate Health Solutions to Support Her Through Life’s Journeys
  • Patient Relations
  • Sexual Health
  • Vaccines
  • Advertise
  • Contact Us
  • Editorial
  • Job Board
  • Terms and Conditions
  • Privacy Policy
  • Do Not Sell My Personal Information
  • MJHLS Brand Logo

© 2021 MJH Life Sciences™ and Medical Economics. All rights reserved.

Healthcare data breaches were widespread in 2019. Next year will be worse.

November 6, 2019
Keith A. Reynolds
Keith A. Reynolds

New survey finds that healthcare systems’ security is being wildly outpaced by hackers.

Healthcare data breaches are on course to top $4 billion in costs in 2019 and the future is looking bleak, according to a new survey from Black Book Market Research LLC.

The report on the survey shows that so far in 2019, the healthcare industry has been the most targeted for cybersecurity breaches. Nearly 80 percent of breaches were against healthcare providers and 53 percent of all provider breaches were caused by external hacking.

The survey found that 96 percent of IT professionals believe that data attackers are outpacing healthcare enterprises leading to a disadvantage in responding to vulnerabilities. It showed that more than 93 percent of healthcare organizations had a data breach since Q3 2016, and 57 percent had more than five breaches during that time period. This has led to the theft of more than 300 million medical records affecting 10 percent of patients.

The estimated cost of a breach by the respondent hospital organizations that had a breach in 2019 is $423 per record, according to the survey.

Part of the issue, the survey says, is due to budget constraints on IT with respondents saying the critical department makes up an average of six percent of their budget and less than one percent of IT budgets earmarked for cybersecurity in 2020.

About 33 percent of hospital executives who purchased cybersecurity solutions between 2016 and 2018 chose their vendor without much vision or discernment. About 92 percent of data security or service decisions since 2016 were made without any users or affected department managers being involved and only four percent of organizations used a steering committee to study the impact of the investment, the survey said.

Only 21 percent of surveyed hospitals reported having a dedicated security executive and only six percent identified that person as a Chief Information Security Officer (CISO). Only 1.5 percent of physician groups with more than 10 clinicians on staff reported having a dedicated CISO, the survey says.

Still, 58 percent of respondent hospitals did not seek their current security vendor before a cybersecurity incident while 94 percent said they’ve not augmented their cybersecurity protections since their last breach and 35 percent of healthcare organizations didn’t scan for vulnerabilities before an attack, according to the survey.

"The key place to start when choosing a cybersecurity vendor is to understand your threat landscape, understanding the type of services vendors offer and comparing that to your organization's risk framework to select your best-suited vendor," Doug Brown, founder of Black Book, is quoted as saying in the survey. "Healthcare organizations are also more prone to attacks than other industries because they persist at managing through breaches reactively and not proactively."