Healthcare Data Breaches Lag Other Industries
"The targeting of financial organizations is hardly shocking; stealing digital money from information systems rather than vaults is basically just a less primitive form of bank robbery," the report states. "It represents the nearest approximation to actual cash for the criminal. Also, and perhaps more importantly, financial firms hold large volumes of sensitive consumer data for long periods of time."
Certainly, healthcare hasn't been perfectly secure either.
In February of 2009, CVS dumped millions of patients' prescription bottles in public Dumpsters without shredding the information and settled for $2.25 million with OCR and the Federal Trade Commission, and the same investigation found similar violations by Rite Aid, who agreed to pay $1 million to the same government agencies. OCR confirmed it is looking into the nation's largest pharmacy, Walgreens.
And of course, there's the list of 138 entities on the OCR website of entities who report breaches affecting 500 or more individuals. AvMed, Inc. leads that list with a breach that affected 1,220,000 individuals because of a stolen laptop.
As for what is behind data breaches, the Verizon/Secret Service report says 70% resulted from external agents, while only 11% implicated business partners. Nearly half of the breaches (48%) were caused by insiders, and 27% involved multiple parties.
On the "OCR 500" list, business associates were involved in 21% of the 138 cases.
- Ebola: Health Officials Try to Quell Front Line Fears
- Reducing Readmissions Starts with Better Collaboration
- Readmissions: No Quick Fix to Costly Hospital Challenge
- Ebola: A New Normal in Dallas
- Defensive Medicine Still Prevalent Despite Tort Reform
- Partners HealthCare M&A Deal Under Scrutiny
- 'Overtreatment' Debate Circles Back to Lung Cancer Screening
- Health Literacy Month Gets a Boost from Payers
- How Telehealth Pays Off for Providers, Patients
- How Educated Nurses Save Money