Monthly Data Breach Roundup: Hacking and Insiders in the Lead

databreachThe Breach Barometer published monthly through the joint effort of Protenus and provides a fair amount of insight into data breach happenings. As noted in the report, the findings are based upon information obtained through searching records and releases, not just looking at reports filed with the HHS Office for Civil Rights (“OCR”). By expanding beyond just OCR, the findings provide more insight than would otherwise be readily available.

Continuing the trend from last year, January 2018 saw an average of more than a breach per day. January saw a total of 37 breaches. As usual, hacking incidents and insider issues were the leading causes of the breaches.

Just considering the source of the breach does not tell the whole story though. As noted in the Breach Barometer, while January saw 12 insider incidents, those incidents only impacted 6,805 records, at least according to available figures. While the number of records that insiders accessed may not have been all that great, the fact that insiders are still inappropriately accessing information is troubling. One breach took over a year to detect and that individual reviewed a significant amount of personal information. That incident saw 1,309 records accessed over the course of 15 months. While that amounts to roughly 87 records per month, auditing may have been able to detect such activity. More tools are available in the marketplace to automate at least a portion of the review. Given the increasing availability of tools why are more not taking advantage? Can an argument be made that no using such a tool constitutes insufficient security practices? While that argument may not apply today, the story could be different in the very near future. Regardless of the technology that may be available now, organizations should not be ignoring insider risks.

As noted, the second leading cause of January data breaches was hacking.  Hacking accounted for 11 of the incidents and impacted 393,766 records. That total was over 80% of the records impacted in January. The causes of the hacks included phishing, ransomware and malware. Those causes do not present any surprises. Instead, the causes emphasize the fact that healthcare remains under attack and no relief is in sight. The high number of records is also consistent with previous reports since a hacking incident can easily spread across an entire system or eat up large chunks of data.

As with many previous versions of the bReach Barometer, the January report shows a lot of work remains to be done. No organization can feel secure and ongoing efforts are essential. While it is unrealistic to expect that a month will ever be breach-free, more can be done to reduce the frequency to less than a breach per day. Upping security and being aware of requirements are key and failure to do so could lead to the next HIPAA settlement headline.


About Matt Fisher

Matt is the chair of Mirick O'Connell's Health Law Group and a partner in the firm's Business Group. Matt focuses his practice on health law and all areas of corporate transactions. Matt's health law practice includes advising clients with regulatory, fraud, abuse, and compliance issues. With regard to regulatory matters, Matt advises clients to ensure that contracts, agreements and other business arrangements meet both federal and state statutory and regulatory requirements. Matt's regulatory advice focuses on complying with requirements of the Stark Law, Anti-Kickback Statute, fraud and abuse regulations, licensing requirements and HIPAA. Matt also advises clients on compliance policies to develop appropriate monitoring and oversight of operations.
This entry was posted in Compliance, Health IT, HIPAA and tagged , , , , , , . Bookmark the permalink.

1 Response to Monthly Data Breach Roundup: Hacking and Insiders in the Lead

  1. Pingback: Monthly Data Breach Roundup: Hacking and Insiders in the Lead - HITECH Answers: Meaningful Use, EHR, HIPAA News

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s