Giving Compass' Take:

• A data breach investigations report from Verizon revealed that the majority of attacks on healthcare data came from inside the organizations, such as employees abusing privileges or committing system errors.

• How is the healthcare industry addressing this issue? What can donors do to help strengthen cybersecurity for people's medical records? 

• Read more about how many health care organizations lack cyber insurance. 


Within the healthcare industry, employees, whether nurses, doctors or administrative staff, are granted access to patients' data in order to do their jobs. But an alarming number of employees may be abusing this privileged access or committing errors that lead to data breaches.

Insider attacks were responsible for the majority of healthcare data breaches (59%) in 2018 versus external attacks (42%), according to a new data breach investigations report from Verizon. The healthcare industry is the only sector to show a greater number of insider attacks than external, according to Verizon's analysis of more than 20 industries.

Across all industries, external threat actors are still the primary force behind attacks (69% of breaches) with insiders accounting for 34%.

Verizon analyzed more than 41,000 cybersecurity incidents and over 2,000 data breaches from 86 countries to examine cyber attacks, from malware to insider threats to cyber espionage, and identify trends.

The top three patterns among cybersecurity incidents (miscellaneous errors, privilege misuse, and web applications) represent 81% of incidents within healthcare. The majority of healthcare cyber attacks were financially motivated, according to the report, while some bad actors or hackers did it for fun (6% of incidents), for convenience (3%), because of a grudge (3%) or for espionage (2%).

The report also offers three recommendations for healthcare security leaders to address the biggest threats seen in the healthcare industry:

  • Monitor access. Know where your major data stores are, limit necessary access, and track all access attempts. Start with monitoring the users who have a lot of access that might not be necessary to perform their jobs and make a goal of finding any unnecessary lookups.
  • Encourage reporting. Work on improving phishing reporting to more quickly respond to early clickers and prevent late clickers. Think about reward-based motivation if you can.
  • Improve processes. Know which processes deliver, publish or dispose of personal or medical information and ensure they include checks so that one mistake doesn’t equate to one breach.

Read the full article about healthcare data breaches by Heather Landi at FierceHealthcare.