HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Beazley Insights: 133% Increase in Healthcare Ransomware Demands

Beazley has released its half-yearly Insights report detailing the causes of data breaches experienced by its clients between January and June 2017.

Across the four industries covered by the report, hacks and malware – including ransomware- caused the highest percentage of breaches – 32% of the 1,330 incidents that the firm helped mitigate in the first half of 2017.

In the professional services industry, hacks/malware incidents accounted for 44% of the 1H total, in higher education it was 43% and the financial services was on 37%. Only healthcare bucked the trend with hacks/malware accounting for 18% of the total – the second biggest cause of incidents affecting the industry.

The report shows that the first six months of the year saw a 50% increase in ransomware attacks across all industries, with the healthcare sector experiencing the highest increase in ransomware demands, jumping 133% in those six months.

Get The Checklist

Free and Immediate Download
HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

While malware/ransomware attacks may top the list of breach causes, they are closely followed by accidental breaches caused by employees or third-party suppliers, which accounted for 30% of the total. However, for the healthcare industry, accidental data breaches were the leading cause of data security incidents, accounting for 42% of all healthcare industry breaches.

These accidental disclosures of PHI include a wide range of errors such as misdirected faxes and emails and the improper release of discharge papers. Beazley reports that the percentage of these incidents has not changed year over year.

The report authors point out that “This continuing high level of accidental data breaches suggests that organizations are still failing to put in place the robust measures needed to safeguard client data and confidentiality.”

The second biggest cause of healthcare data breaches was malware/ransomware incidents – One percentage point higher than last year’s report. Insider theft was in third place causing 14% of incidents, followed by the physical loss of records (8%) and portable device incidents (6%). Social engineering attacks accounted for 3% of the total with payment fraud on 1%. The remaining 8% of incidents were attributed to unknown/other causes.

The report authors point out that “This continuing high level of accidental data breaches suggests that organizations are still failing to put in place the robust measures needed to safeguard client data and confidentiality.”

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.