Dive Brief:
- Despite not being the primary cause of data breaches, internal actors nevertheless offer a challenging cybersecurity challenge for healthcare organisations, according to a recent analysis from Verizon.
- Last year, 39 percent of healthcare breaches were caused by employees. According to Verizon, that compares to just 18% across all industries.
- Employees are more than 2.5 times more likely to make an error than to actively misuse their access, changing the makeup of the insider breach from generally malicious misuse occurrences to random errors. The survey states that device or document loss and data misdelivery, such as sending an email to the incorrect recipient, are the most frequent personnel errors in the healthcare industry.
Dive Insight:
A record amount of patient data was compromised last year due to cybersecurity incidents in the healthcare industry. With stresses including persistently underfunded security measures, the potential for Russian cyberattacks, and the rise of a “exceptionally aggressive” ransomware gang in 2022, external threats like ransomware continue to be a source of worry in the sector.
Given that workers are responsible for nearly two-fifths of breaches, the Verizon report advises firms to look closely at their internal policies as well.
Verizon’s Data Breach Investigations Report is based on information gathered from businesses who experienced cyber attacks between November 2020 and October 2021.
The top three causes of healthcare data breaches, according to the research, remained the same from the year before despite a change in their ranking.
76 percent of breaches in the healthcare sector were caused by simple web application attacks, random mistakes, and system penetration.
Although errors continue to be a major issue, basic web application attacks, or attacks against a Web-facing programme, now account for about 30% of breaches, surpassing other types of problems.
Roughly 26% of breaches involved system incursion, which are sophisticated attacks that use malware or hackers to accomplish their goals. About 21% of all security breaches were the result of random mistakes or inadvertent activities that directly impacted information security.
Despite not being a major contributing element in many events, Verizon discovered that privilege abuse—incidents brought on by employees’ unauthorised or malicious use of valid privileges—is three times more common in healthcare breaches than in other sectors.
“Internal actors accessing healthcare organisations’ data without authorization has been a long-standing issue. The research stated that even though it is no longer among the top patterns in healthcare, the issue should not be written off as resolved.
Nearly 60% of the data stolen in healthcare breaches was personal information, while 46% was medical information. For the second year in a row, Verizon discovered that personal data was compromised more frequently than medical data.
The causes of this development are unknown, but they may indicate that businesses have strengthened the security surrounding medical data without providing analogous safeguards for personal data.
It might also imply that hackers are less interested in obtaining private medical data.
“Do we now regard this as the standard for the one sector with a wealth of medical data? Is this because the actors are just starting to utilise encryption without thinking about the kinds of records they are blocking access to? Only individuals who work in the sector can definitively say whether they have tightened the safeguards surrounding their medical data while leaving their personal data in the waiting area, according to the report. According to the Verizon research, there were 849 incidents and 571 breaches in the healthcare sector last year. Healthcare ranked below education, information, manufacturing, and public administration in incidents alone, but it also lagged behind the financial and professional sectors in both incidents and breaches.
