There were 320 breaches of unsecured protected health information in 2016, representing an increase of 18.5 percent over 2015, according to an IBM X-Force Research report.
The report, titled Security trends in the healthcare industry, analyzes threat trends such as vulnerabilities, exploits, active attacks, viruses and other malware, spam, phishing and malicious web content.
Here are four things to know.
- Insiders were responsible for the majority (68 percent) of all network attacks that targeted healthcare organizations in 2016, according an IBM Managed Security Services analysis. These insiders might include employees, clients or third-party maintenance contractors.
- More than one-third of insider attacks involved "malicious actors," however, employees who inadvertently compromise security can be equally as concerning. Inadvertent actors include those who fall victim to a phishing scam or who unintentionally misconfigure a server.
- One common way employees unintendedly compromise security is by losing a laptop. One recent report determined the healthcare and pharmaceutical industries represented the second highest rate of laptop loss across all industries.
- In February 2016, the protected health information of 400,000 individuals was stolen from an unencrypted password-protected laptop in an employee's car. Beyond PHI, stolen laptops often include passwords, files, access to VPN connections and wireless encryption keys.
Click here to view more of the report's findings.