Data breaches that affect the healthcare sector are a huge privacy and security disaster. As Dr. Mansur Hasib told us in an interview, the worst breach in healthcare so far was at Anthem (the Anthem medical data breach that took place in 2015) where over 80 million records (including his own) were breached.
The worst case scenario for a data breach like this one is that many people were minors at the time of the incident and it may take years for them to find out the extent of damage.
Survey Reveals Troublesome Details about Medical Data Breaches, One in Four Participants Had Their Records Stolen
Moreover, a new survey by Accenture in which 2,000 US consumers participated has revealed that one in four participants have had their personal medical details stolen from systems. Half of the breached Americans were in fact victims of medical identity theft and had to pay approximately $2,500 per incident.
Another detail that the survey uncovered is that breaches are most likely to happen in hospitals. This is indeed the location that received the most votes from participants, followed by urgent-care clinics, pharmacies, physician’s offices, and health insurers.
How did victims discover they were breached? According to the survey, half of the respondents found out about the personal data incident themselves as they noticed an error on their credit card statement or benefits explanation. Another one-third received an alert by the victimized organizations. Just a small part of participants were informed about the corresponding breach by a government agency.
What was the outcome of the breach? In most cases, it was theft of medical identity which was used to purchase various items or for other counterfeit deeds like prescription fillings.
Almost one-third of the survey respondents had their social security number, contact information or medical data compromised.
Reza Chapman, managing director of cybersecurity in Accenture, concluded that:
Health systems need to recognize that many patients will suffer personal financial loss from cyberattacks of their medical information. Not only do health organizations need to stay vigilant in safeguarding personal information, they need to build a foundation of digital trust with patients to help weather the storm of a breach.