Are HIPAA Data Breaches on the Decline?

Many of us are already familiar with the big data hacks that crippled some of the world’s largest companies like Anthem, Target, and Sony. These were devastating breaches of data resulting in the release of millions of records. Monetary damages from breaches like these reach the hundreds of millions of dollars and can instantly destroy the reputation of a business, not to mention the pocket books of their consumers.

What we often do not hear about are the thousands of other data breaches that take place on literally a daily basis. In some instances, that’s simply because the data breach was limited in scope. Many individuals have their personal laptops and phones compromised every day. Likewise, many businesses are being compromised but in these incidents, the damage is limited in scope and only the individual or the particular business is impacted. However, there are thousands of other hacking incidents occurring every day that are stealing credit card numbers and sensitive health information. So, why don’t you hear about all of these?

While they do not make the headlines, small and medium sized healthcare companies are being compromised at an increasingly alarming rate. What’s more troubling is that many of them don’t even realize it or when they do, it’s already too late. On average, a hacker is present on a company network for over 200 days before anyone even becomes aware.

These breaches are primarily the result of malware or phishing attacks delivered via email or on a website which trick people into downloading malicious software on the network. These types of attacks are becoming very difficult to identify. Emails that may appear to have been sent from your bank, from your co-worker, your accountant, or from your mom could indeed be malware or a phishing attempt in disguise.

What’s even more mind boggling is the percentage increase in hacking related HIPAA breaches reported by the U.S. Department of Health and Human Services. Between 2012 and 2015, HIPAA breaches as a result of a hacking incident have increased by a whopping 216%. At the current rate of hacking incidents for 2016 that number is estimated to grow to 388%.

Healthcare companies need to get serious about security as these breaches not only bring with them severe financial penalties but the legal and reputational consequences can put them out of business for good.

If you would like more information about how Envisionet can help you step up the security of your business, protect your patient data and help you avoid very costly fines, reach out to us today at contact@envisionetllc.com.