Internal Negligence Responsible for Half of US Healthcare Data Breaches

High-profile data breaches perpetrated by cybercriminals and hackers might make big headlines, a recent study found that more than half of US healthcare data breaches are a result of internal issues, not external factors. Hospitals, doctors’ offices and even insurance companies are oftentimes the culprits, according to researchers from Michigan State University and Johns Hopkins University.


For the study, John Jiang, lead author and associate professor of accounting and information systems at MSU’s Eli Broad College of Business, and co-author Ge Bai, associate professor at the John’s Hopkins Carey Business School, carried out an in-depth investigation to identify triggers of the PHI data breaches. They reviewed nearly 1,150 cases between October 2009 and December 2017 that affected more than 164 million patients. The study was published in JAMA Internal Medicine.


The new research follows the joint 2017 study that showed the magnitude of hospital data breaches in the United States. This revealed nearly 1,800 occurrences of large data breaches in patient information over seven years, with 33 hospitals experiencing more than one substantial breach.


The study found that more than half of the recent personal health information data breaches were because of internal issues with medical providers – not because of hackers or external parties.


“There’s no perfect way to store information, but more than half of the cases we reviewed were not triggered by external factors – but rather by internal negligence,” Jiang said in a press release about the study.

more news

65000 GDPR Data Breaches In Europe To Date


European privacy authorities have received almost 65,000 data breach notifications since the EU's new privacy law went into full effect. In addition, regulators in 11 European countries have imposed $63 million in General Data Protection Regulation fines.

read more

More than half of British firms 'report cyberattacks in 2019'


The proportion of UK firms reporting a cyberattack has jumped, despite most businesses admitting they are under-prepared for breaches, according to research from Hiscox reported by the BBC. The insurer found 55 per cent had faced an attack in 2019, up from 40 per cent last year.

read more

Sloppy IT Processes Risk Cyberattacks - McAfee


McAfee this week published a report that turns familiar survey findings on their heads by reporting that most cybersecurity breaches are the result of lax IT processes rather than mistakes made by end users.

read more

Cybercrime Soaring Reports MalwareBytes


Cybercrime is accelerating at a worrying rate, reports MalwareBytes in its Q1 2019 report. Every quarter that goes by shows more alarming data as to how much cybercrime activity is going on out there, with organizations and companies being called to face and deal with an increasing amount of threats, coming literally from everywhere.

read more