Biggest security threat to US healthcare? Loose lips and lost hardware

US healthcare breach incidents have dropped off in the year to date after hitting an all-time high in 2016.

During 2016, a total of 328 US healthcare firms reported data breaches, up from 268 in 2015 (the year of the Anthem health insurance mega-breach). A study by security firm Bitglass reports that the actual volume of leaked records fell in 2016, and is on track to decrease still further in 2017. A total of 16.6 million Americans were affected by breaches throughout 2016, down significantly from 2015 – even when excluding the massive Anthem breach.

Unauthorised disclosures are now the leading cause of breaches, accounting for nearly 40 per cent of breaches in 2016. These disclosures can take the form of anything from lost or stolen computers to the accidental mailing of personal information.

Clerical staff as well as doctors and nurses all have access to confidential medical and personal information in hospitals and clinics, which have a duty to report incidents under regulations far tighter than those that apply to other industry sectors.

Bitglass’s third annual Healthcare Breach Report aggregates data from the US Department of Health and Human Services’ Wall of Shame – a database of breach disclosures required as part of the Health Insurance Portability and Accountability Act (HIPAA) – to identify the most common causes of data leakage. ®