For the first half of 2017, insiders caused the majority of healthcare breaches. But for the first time this year, hacking incidents were the greatest threat to the healthcare industry, according to the latest Protenus Breach Barometer released Wednesday.

Healthcare organizations reported 36 breaches to the U.S. Department of Health and Human Services’ Office of Civil Rights in July. Protenus had data from the 29 incidents, where 575,142 patient records were breached.

Hacking was responsible for more than half of the total breaches in July, both in the number of attacks and impacted patient records. July had 17 hacking events affecting more than 516,000 records -- nearly 21 times more than those breached by insiders.

And 10 of the hacking incidents were caused by ransomware.

[Register Now: Upcoming HIMSS Healthcare Security Forum]

The largest breach impacted 300,000 patients of the Women’s Health Care Group of Pennsylvania. Officials said other breaches may have had comparable numbers, but researchers didn’t have definite numbers to analyze.

Insiders were responsible for eight or about 22 percent of July’s incidents. And five of the eight breaches were caused by insider wrong-doing.

The most notable insider breach for July was an employee who snooped on patient records without being detected for 14 years. Officials said this is the longest undetected breach ever found by the Breach Barometer.

[Also: The biggest healthcare breaches of 2017 (so far)]

What’s worse is that the employee breached the records of 1,100 patients, and no one within the organization noticed until a patient called in a complaint.

“This is a prime example of why healthcare needs to be much more proactive in detecting inappropriate access to patient information,” researchers wrote. “This organization will now face a multitude of costs associated with a breach, an unfortunate event that can now serve as a learning experience for the rest of the industry.”

Researchers did point out that healthcare organizations are making improvements in the amount of time it takes between the time the breach is discovered to when it reports to HHS.

“As time to disclose consistently improves, we hope that it’s because healthcare organizations are beginning to proactively detect inappropriate access to their patient information, which will ultimately be a critical step in getting ahead of this crisis that is plaguing the industry,” researchers wrote.

Twitter: @JessieFDavis
Email the writer: jessica.davis@himssmedia.com