The drip of data breaches now a flood: 4.5 million records hacked–update

[grow_thumb image=”http://telecareaware.com/wp-content/uploads/2014/08/keep-calm-and-encrypt-your-data-5.png” thumb_width=”150″ /]Breaking News–updated at end  Earlier this year [TTA 23 Apr] this Editor commented on the fourth annual update from the Ponemon Institute plus a qualitative study from IS Solutions that contained mostly unwelcome news for healthcare IT departments in the US. Ponemon’s new estimate of data breaches’ cost per year: $5.6 billion. While making some progress in the existential threat that data breaches present to institutional and personal security, both reports also outlined the disconnect between HIT professionals busy dealing with and sealing off the mice of internal causes versus the looming, huge menace of the external criminal threat. We now know that Godzilla has arrived and he’s stomping ‘n’ chomping. Community Health Systems of Franklin, Tennessee claimed today as part of a SEC regulatory filing that hackers originating in China breached sensitive information in 4.5 million patient records accumulated over five years during April and June using cyberattacks and sophisticated malware.  (more…)

Data breaches may cost healthcare organizations $5.6 bn annually: Ponemon (US)

[grow_thumb image=”http://telecareaware.com/wp-content/uploads/2013/10/keep-calm-and-enter-at-own-risk-3.png” thumb_width=”150″ /]The PHI threat is within for HIT staff and CIOs, with no end in sight: Ponemon Institute and IS Decisions

The Ponemon Institute’s fourth annual benchmark report on patient privacy and data security was released last week and with a few exceptions, the news is worse than last year. Eight highlights in the study of 91 responding organizations (Ponemon admits results are skewed to larger sized respondents) for 2013 are:

  1. The average cost of data breaches in the study group was approximately $2 million over a two-year period. Extrapolated to the over 5,700 hospitals in the US, the annual cost is $5.6 billion, down from $7 billion in 2012.
  2. The number of data breaches decreased slightly. 38 percent report more than five in the 2013 report compared to 45 percent in 2012. The number of organizations reporting at least one data breach in the past two years was 90 percent versus 94 percent in 2012.
  3. Healthcare organizations improve ability to control data breach costs. The economic impact of data breaches for the healthcare organizations represented in this study over the past two years is $2.0 million–but it is 17 percent (nearly $400,000) less than 2012.
  4. ACA increases risk to patient privacy and information security. No surprises here for readers with insecure exchange of information between healthcare providers and government (75 percent ), patient data on insecure databases (65 percent) and patient registration on insecure websites (63 percent) leading the way. (more…)