Insights on the cost of July Data Breaches
In July 2020 there were over 1.12 million people affected by data breaches – 1,123,850 people to be exact. This type of data insecurity will likely cost the guilty companies millions of dollars and possible lawsuits.
HIPAA compliance is critical to protecting people’s personal information and while working in a hybrid work environment – where many people are working from home in environment with fewer controls over security and using new tools to practice healthcare – it is important than ever that your organization is asking the appropriate questions about whether you are still HIPAA compliant.
A breakdown of how these breaches occurred
Hacking Incidents – Is your data protected from malicious invaders?
According to our partners at Compliancy Group – an organization who aims to keep businesses handling personal health information (PHI) secure and compliant – many of July’s healthcare breaches were caused by hacking or IT incidents. These types of breaches occur when an unauthorized individual gains access to an organization’s PHI data. In July, 971,768 of the 1.12 million (86%) of the breaches were caused by hacking or IT incidents.
Healthcare breaches and incidents of theft and loss
In July, the compliancy group also found that almost 94,000 people had their personal health info stolen or lost while in the hands of ONLY 3 organizations. This finding is a testament to how a small number of breaches can leave MANY people’s info compromised. These types of incidents occur when organizations handling the data have insecure security protocol or relaxed IT security systems guarding their sensitive data. Two of the three organizations are neighborhood pharmacies that many people use regularly to obtain their prescriptions.
Breaches due to unauthorized access or disclosure of PHI
The Compliancy Group reported that over 53,000 people had their information accessed by people or entities that should not have had access to the data in the first place. These are NOT due to hacking or theft but rather the organizations allowance of unauthorized release of the info, without the consent of the patients.
This upward trending issue should be a major concern for business everywhere that may be handling PHI. That is why we are hosting our latest webinar with Paul Redding, Compliancy Group’s VP of Cybersecurity, to help clear the air of any confusion’s businesses may have about operating a hybrid workforce and thier data security while doing so. Please join us if you and your organization fear they may be at risk of breaching sensitive information, or if you are simply interested in learning more about ways you can ensure your business is handling their data securely. You can register for the webinar event here.