Security "Bits"

The Healthcare Breach Report: Breaches on the Upsurge

By Juan Lugo | February 19, 2020 at 5:00 AM
Screen Shot 2020-02-18 at 10.01.54 AM

The vast majority of healthcare organizations utilize and store protected health information (PHI), which is composed of patients’ sensitive information. HIPAA, the privacy rule that classifies PHI, describes protected health information as medical history, Social Security numbers, personal financial data, and more. 

In this sixth annual Healthcare Breach Report, Bitglass analyzes and compiles data from the US Department of Health and Human Services’ “Wall of Shame.” Upon analyzing the data, Bitglass uncovered the state of security for healthcare organizations in 2019. This database, composed of PHI breaches that affected over 27M individuals, is broken into four categories: hacking or IT incidents, unauthorized access or disclosure, loss or theft, and other. A snapshot of some of this data is provided below.

The Rise of Mega Breaches 

In 2019, there were 386 breaches – an increase of 33% since the previous year. This is due to an array of breaches that affected 15 healthcare organizations linked to Texas Health Resources – each of which impacted 20,000 - 30,000 individuals. As such, Texas had the most healthcare breaches of 2019, with a total of 47 it nearly doubled the amount for California (25). Typically, this is consistent with the state population (wherein Texas and California usually rank first and second, respectively), however, this year Texas experienced far more breaches than any other state in the past. 

The Increasing Cost per Healthcare Breach

Undoubtedly, this sensitive information attracts a lot of attention from malicious entities that aim to exploit this data for political or monetary gain. The cost per record for a healthcare breach amounted to $429 in 2019, which is important to note because it is the highest per record cost – with finance ($210) coming in second. All factors considered, billions of dollars are wasted annually because of improper cybersecurity in healthcare and mega breaches – as the overall cost in 2019 has more than doubled since 2018.

To learn more about the current state of cybersecurity within the healthcare sector, download Bitglass' 2020 Healthcare Breach Report. 

Healthcare Breach Report



see all