Privacy & Security

Data breach rates rise 60 percent in November, more than 400,000 records stolen

Employees were the source of the majority of these breaches, which gave November the highest number of breach incidents this year.
By Jessica Davis
December 19, 2016
10:53 AM

November saw a 60 percent increase of breach incidents from October, at an average of two incidents per day. With 57 reported incidents, November saw the most breaches so far this year, according to the Protenus Breach Barometer released December 15.

Forty-seven of these incidents involved a total of 448,639 breached records, the report found. The largest single incident involved 170,000 patient records, which resulted from a third-party's insider error.

The biggest cause for these losses? Employees (insiders), who caused 54 percent of the incidents. Seventeen breaches were a result of an error, but 14 were caused by insider wrongdoing, according to Protenus.

In comparison, only nine breaches were caused by hacking - down from October's 14 incidents. Three of these attacks were caused by ransomware and another attack was extortion from cybercriminal TheDarkOverLord. Six of these hacks involved 102,883 patient records.

Another notable point from the report: It took 135 days, on average, from the time the breach was noticed to when these entities reported it to the Department of Health and Human Services. Further, 60 percent of breached entities took longer than the required 60-day window to report the breach.

"It's essential for organizations to be proactive when monitoring patient data," the report authors said. "The sooner a breach is detected, the quicker the healthcare organization can mitigate the risk of significant damage being done with their patient's data. The longer PHI is exposed, the more it can cost the healthcare organization and ultimately become troublesome for the patients."

What's interesting is there was a steep decline in incidents in the September and October. Further, while there were more breach incidents in November than other months, June saw the most records lost at 11,061,649 with only 28 incidents.

Of the 57 breaches, 70 percent involved healthcare providers. But at least 25 of these incidents were caused by business associates or vendors. Ambucor Health Solutions, a clinical labor services provider was responsible for 11 of these incidents.

Twitter: @JessieFDavis
Email the writer: jessica.davis@himssmedia.com

Like Healthcare IT News on Facebook and LinkedIn

Topics: 
Data Warehousing, Mobile, Network Infrastructure, Privacy & Security, Workforce

More regional news

VA building signage

House passes veterans healthcare package without RESET Act

By
Andrea Fox
November 21, 2024
David Miles of Oklahoma Heart Hospital

Deep dive: A tour of all-digital Oklahoma Heart Hospital, where automation is the norm

By
Bill Siwicki
November 21, 2024
Healthcare workers looking at X-ray images on monitors

Streamlining healthcare operations with multicloud-by-design

November 21, 2024
Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.

Top Story

VA building signage
House passes veterans healthcare package without RESET Act

Most Read

HMIS integration with other public HIS sought and more India briefs
Particle Health files antitrust suit against Epic
Choosing a managed IT service for aged care
ASTP intros 2024 draft Federal FHIR Action Plan
CrowdStrike all but assures Capitol Hill: Never again
Korea's largest hospital bags APAC's first Stage 6 of new INFRAM

Research

White Papers

More Whitepapers

Patient Engagement
Patient Engagement
Financial/Revenue Cycle Management

Webinars

More Webinars

Imaging
Interoperability
Artificial Intelligence

Video

David Miles at Oklahoma Heart Hospital_Part 1_Doctor holding health icon Photo by Tippapatt/iStock/Getty Images Plus
The CIO of an all-digital hospital walks readers through its successes
Dr Alice Sutedjo Lisa at SMC Telogorejo Hospital_HIMSS24 APAC
Assisting the elderly in digital care
Dr. Benoit Desjardins of the University of Montreal
Cyberattacks are becoming more widespread, and more disruptive
George Pappas at Intraprise Health_Digital shield and lock Photo by da-kuk/Getty Images
Tighter cyber mandates hold New York providers to higher security standards

More Stories

BJ Schaknowski of symplr
Too many IT systems with limited alignment impacts care quality
Doctor in scrubs using computer
Tenet to deploy AI platform across its physician network
Healthcare CIO with other healthcare executives
Health system CIOs' strategic responsibilities continue to evolve
George Pappas at Intraprise Health_Digital shield and lock Photo by da-kuk/Getty Images
Tighter cyber mandates hold New York providers to higher security standards
Clinicians look at diagnostic imaging
American College of Radiology launches AI quality registry
A doctor with glasses sits at a desk and speaks during a telehealth visit.
DEA and HHS extend virtual prescribing for controlled substances through 2025
Dr. Jay Anders at Medicomp Systems_Computer chip with stethoscope Photo by Just_Super/iStock/Getty Images Plus
Transparency and responsible AI are crucial for medical devices
George Pappas of Intraprise Health on cybersecurity
How to protect telemedicine from cyberattacks