There are strong indications that the price tag associated with healthcare data breaches is about to go up significantly. While 90% of healthcare organizations have experienced a data breach in the past two years, there's been a dramatic shift in litigation. New research indicates that data breach costs are about to rise, and healthcare organizations will be hit hardest.
The latest data breach statistics have captured a 24% increase in the number of healthcare-related data breaches in 2016, up to 277 data breaches affecting over 14 million records. The pace of data breaches has accelerated in the latter half of 2016. This is a troubling trend. Just looking at this past September, there were 37 separate healthcare breach incidents, of which 41% were associated with the Insider Threat. Half of those incidents were insider accidents, while the other half were notably malicious. Hacking and ransomware accounted for a further 32% of data breaches for that month.
Last year, the 2015 Data Breach Litigation Report indicated that 73% of class action data breach litigation cases focused on credit card data. In just one year, everything has changed. Back then, the report showed that only 23% data breach litigation cases focused on credit card data. Another 57% of class action lawsuits focused on sensitive data. However, this year's report indicates a 33% increase in the number of class action filings in the medical industry in response to the growing number of healthcare data breaches. But, why is that?
Greater protections for fraud on credit cards, and rapid fraud discovery, have devalued the use of credit card data to cybercriminals. Meanwhile, personally identifiable data (and medical records in particular) continue to retain their value. In fact, healthcare data is 10 times more valuable than credit card data on the black market.
It’s been estimated that the true cost of a data breach is grossly misrepresented already. It can often take years to deal with drawn out litigation, which adds to the cost. Too often, soft costs are overlooked as well. These are associated with increased insurance premiums, lost customers, lost contract revenue and more. With class action suits becoming the norm, and greater fines being levied by government and industry regulators, it’s time to step up data protections.
Don’t let a costly data breach catch you by surprise. Instead, assume you are at risk and take steps to shore up the most likely risk points, which often involve mobility, the cloud and the insider threat. Through a depth-of-defense approach, your organization will be better prepared to prevent, detect and respond to security incidents.
Absolute provides persistent endpoint security and data risk management solutions for thousands of customers around the globe. By providing them with a persistent connection to all of their devices and the data they contain (even in the cloud), our customers can secure endpoints, assess risk, and respond appropriately to security incidents. Learn more at Absolute.com