Data Breaches in the Healthcare Industry
As per data published by the Office of the Australian Information Commissioner, the healthcare industry in Australia accounted for 22% of notifiable data breaches between January to June 2020, which was more than any other industry. Cybercriminals continue to target this industry due to the vast amounts of highly sensitive personal information (such as Medicare numbers, credit card information and medical insurance numbers) that is stored by healthcare providers.
The risk of a breach and the lingering threat of cybercriminals has only intensified with COVID-19. More and more people continue to share their personally identifiable information with healthcare providers, while the healthcare providers fail to provide cyber security training and awareness to their employees. In an increasingly challenging cyber security landscape, healthcare providers must be prepared for a data breach to ensure they’re in the best defensible position when a cyberattack inevitably occurs.
The illustration below provides a snapshot of several healthcare data breach incidents that have occurred since the start of the pandemic.
Over the past 17 years, Kroll’s Cyber Risk practice has managed data breaches for over 1,600 healthcare institutions worldwide, and since 2019 has engaged with 14 million patients to help mitigate risks stemming from data breach incidents. Healthcare data breaches generate higher levels of anxiety in the impacted population given the nature of information compromised compared to data breaches in other industry. This also results in a higher volume of inbound phone calls from impacted stakeholders to our call centers and investigators/restoration specialists.
Using our healthcare industry experience, we are able to provide unique insight into what effective breach management by a healthcare provider looks like, as a well as the impact a breach can have on the patient’s decision to continue receiving care from the provider.
This whitepaper examines how cyber security threats and data breaches in the healthcare industry have evolved since COVID-19 and assesses recent public incidents and case studies to better understand the landscape and consider best approaches for the healthcare industry.
To view the full paper, download it now.