Healthcare Data Breach Top 5 Sources

By Steven Krohn · July 14, 2019

Data security is one of the highest priorities in any business, especially those which collect sensitive personal information. In that regard, healthcare data breach vulnerabilities are no different.

Yet there is one major area of data security where healthcare is very different — the source of the healthcare data breach.

For most businesses, data breaches originate from outside the company. External agents infiltrate the company’s data and steal it.

In healthcare, it’s the opposite. The 2018 Protected Health Information Data Report suggested the majority of breaches came from internal actors.

That’s not to say employees were stealing data, necessarily. Instead, things like human error and misuse of privileges lead to the majority of data breaches.

1,368 security incidents from 2015-2017 were analyzed. 94% were considered data breaches by the authors of the report. Here’s what they found about the top 5 data breach sources in healthcare:

Healthcare Data Breach: Human Error Breach (33.5%)

A little over a third of healthcare data breaches reported weren’t intentional.

Anyone who works in healthcare probably isn’t surprised by how large a percent is taken up by human error. It’s not even an issue of competency in many cases — there are so many layers of regulation, bureaucracy, technology and science involved that mistakes are bound to happen.

70% of human error incidents were made up by just 3 types of errors:

  • Mis-delivery was the largest cause, accounting for 38.2% of human error incidents. Examples include sending sensitive information to the wrong patient or practitioner.
  • Disposal error was next, at 17.2%. This ranges from not properly deleting information on computers, to disposing of hard copy data without shredding it first.
  • Loss was a close third, at 16.1%. This included things like misplacing paperwork or thumb drives with data.

Something important to note is that printed documents are still a big part of data security and a healthcare date breach.

We’re all so accustomed to data breaches being digital in nature that many people are getting lax with their data hard copies. 20% of mis-delivery errors and 15% of disposal errors involved paper documents, not digital files.

Healthcare Date Breach: Misuse Breaches (29.5%)

Close behind human error is misuse and abuse of a person’s internal resources.

Two thirds of misuse incidents are related to what’s referred to as “privilege abuse”. For example, a lab technician is given access to a database so they can enter or collate data. This person then uses that access to spy on patients’ private details unrelated to their work.

A related phenomenon is “possession abuse”, which accounts for 16.9% of misuse cases. In these situations, a person might be given sensitive information on a paper document to mail out, or to transfer to another department.

While the document is in their possession, the person reads the information despite having no authority to do so.

These two forms of misuse account for 82.9% of all misuse cases. Other forms include data mishandling, knowledge abuse, email misuse, and unapproved hardware and software.

Physical Breaches (16.3%)

Generally, a “physical breach” is theft, but it can also refer to spying, tampering, and surveillance. However, these other types are very uncommon — of physical data breaches, theft is the number one culprit.

44% of physical healthcare date breaches involve theft of a laptop. Paper documents are the next highest, at 31%.

The remaining 25% of physical breaches are taken up by disk drives, payment cards, flash drives, and desktop computers, as well as the aforementioned non-theft breaches.

This clearly indicates that laptops are, overwhelmingly, the primary target of theft, particularly in those seeking to access sensitive information.

While paper documents are less common, they still account for almost a full third of theft cases. Don’t forget your paper.

Hacking Breaches (14.8%)

Hacking is the act of intentionally gaining unauthorized access to a system or device.

Most people think of hacking as breaking down or working around a website’s code and security systems. This does happen, but accounts for slightly less than a fifth of cases (17.9%)

The reality is most of the time, unauthorized access is achieved through the use of stolen credentials. It’s typically much easier to steal someone’s login details, than to try to crack a system open. How popular is this method? 49.3% of hacking breaches are done through stolen credentials.

The next most common method of hacking is to use automated, brute-force attacks that systematically guess a user’s credentials. These attacks make up 20.9% of hacking breaches.

That means by theft or by deceit, a user’s credentials are the number #1 source of a healthcare data breach.

Malware Breaches (10.8%)

Malicious software is one of the most prolific sources of a healthcare data breach in the world. We mentioned at the beginning that external attacks aren’t the biggest source of healthcare breaches, but they are present.

The most popular type of malicious software today is called ransomware. It often makes vital systems or databases unusable or inaccessible until money has been paid to the hackers. This method is popular for those seeking quick financial gain from their activities.


Website Vulnerability Assessments (webVAP)

We can help you with peace of mind with a simple annual audit of your website that will provide you a comprehensive report outlining the issues and recommended fixes for your web development team to ensure that you are doing everything to protect the data and maintain compliance.

We provide a deep dive review for one low price.

Take the first step in protecting your organization and data!

Call us! (682) 593-3430
Or Email us at webvac@krohn.media

For more information visit:   https://krohn.media/webvap/


newest oldest
Notify of
Becky Tengwall

Thanks for sharing this, Steve! So scary! If our medical info is compromised, that can be disastrous!!