According to the Global Healthcare Data Breach Report prepared by InfoWatch Analytical Center for 2017, the number of registered personal data leaks worldwide, including social security numbers, credit card details, specific health records, and medical histories of patients, dropped by 7.7% (down to 370 cases) YoY, with the volume of records compromised as a result of data leaks almost halving (from 26.8 million to 14.2 million records). At the same time, the number of healthcare data leaks skyrocketed (more than twofold) in Russia.
The report authors believe that this global reduction in both the number of incidents and the volume of leaked records was underpinned by better protection of medical data in the U.S., the largest healthcare system of the world. According to experts, over 80% of U.S. healthcare organizations increased their cybersecurity budgets in 2017. However, the report emphasizes the growing value of healthcare data as a result of technological development (e.g. telemedicine) and a wide variety of means to use such data electronically. Therefore, both the number of healthcare leaks and the volume of compromised data will inevitably keep growing all over the world in the near future, Sergey Khayruk, Analyst at InfoWatch Group, believes.
External attacks account for some 30% of medical data leaks worldwide, while, in Russia, 100% of recorded incidents were triggered by insiders. In Russia, malicious employees of healthcare institutions typically leak information of seriously ill and dead patients to funeral homes.
“Personnel of Russian healthcare organizations has an extremely poor understanding of how to handle confidential information. Moreover, malicious insiders realized they could easily derive profit from poorly protected personal data of patients and co-workers,” noted Sergey Khayruk. “On the other hand, Russian healthcare institutions still do not look very attractive to cybercriminal groups due to low level of IT adoption compared to global rates, fragmentarily developed medical information systems, and huge volumes of paper documents.”
The authors also note that the share of intentional internal leaks in Russia is much higher than worldwide (39% vs. 30%).
Both Russian and global healthcare suffered from around 25% of skilled leaks, i.e. leaks associated with fraud or abuse of information system access, with the share of such leaks doubling in Russia and not changing considerably on a global scale compared to 2016.
As for compromised data types in 2017, the Russian healthcare sector only saw leaks of patient and staff personal data, while, globally, healthcare organizations also lost payment details (12.2%), trade secrets and know how (0.8%).
The breakdown of healthcare data incidents by channel varies widely in Russia and worldwide. Thus, paper documents and instant messengers account for a larger share of leaks in Russia (24% and 19% respectively) than on a global scale (16% and 3%).
The report authors came to a conclusion that healthcare sector is one of the leaders in the impact on information assets by malicious insiders. It is employees, top managers, and system administrators who cause the majority of incidents and data breaches.
“The price healthcare sector has to pay for mitigating data leak consequences is constantly growing,” noted Sergey Khayruk, Analyst at InfoWatch Group. “According to industry-specific analytical agencies, one leak by a malicious insider costs a company in any sector an average of $8.5 million, which is more than two times higher than two years ago. The higher the value of healthcare information, the more criminals want to get hold of it.”
Download reportFull version, pdf - 778 КБ