58 percent of health data breaches due to simple theft, not hacking: JAMA

click to enlarge Criminal activity is the cause of nearly 6 out of 10 data breaches, according to a study published in JAMA last week (subscription required). Cyberbreaches–the infamous hacking attacks–produce breaches in the millions, but the far more typical and frequent breach, if smaller, is caused by simple theft of records–electronic and paper. HealthLeaders We’ve reported previously that stolen records (over 500) have ranged from laptops to paper records as landfill and even old-style X-rays in dead storage sought after for mercury content. So if Hackermania is not always running wild, except when it is, how to keep those records secure? According to West Virginia United Health System’s assistant CIO interviewed by FierceHealthIT at HIMSS, it requires a policy change of staff education, expectations, understanding that protecting patient information is part of holistic care–and frequent audits. Trust, but verify. Encrypt–and keep passwords secure, multiple and frequently changed.

Categories: Latest News.


  1. Well, the JAMA report would be great, if it weren’t incorrect. 80 million Anthem Blue Cross Blue Shield records (name, address, social security number) stolen in just the past six months, resulting in a lifelong effort to protect stolen identity, fraudulent tax returns ($50 billion reviewed false refunds, and that’s just what the IRS admits.)

    Anthem, it turns out, also shared data with all of the Blue Cross-Blue Shield companies, one way or another. so even if you weren’t one of the 80 million, you could have your identity stolen and a tax refund filed on your social security number.

    • Donna CusanoDonna Cusano

      In looking at their report, they were counting the number of incidences by type, not the sheer screaming numbers of people affected. If you look at Privacy Rights Clearinghouse, the average breach is in the hundreds and depressingly mundane–stolen laptops, an employee ‘lending’ a password to a ‘friend’, the occasional warehouse walk-off. Hackers go for the gold–in the thousands minimum, now in the millions. I was not aware of the BCBS sharing–certainly that was downplayed.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>