Health Data Breach Trends: A Mid-Year Assessment
Biggest Incidents Have a Wide Variety of Causes
… Because some recent business associate breaches – such as the Magellan ransomware incident – have affected multiple healthcare organizations, “it’s clear how interconnected we are,” notes Susan Lucci, senior privacy and security consultant at tw-Security.
“With multiple points of connectivity, it is likely that if one client of a business associate becomes a victim of a breach, others may be next, creating a cascade of breach events. Because of interconnectivity pursuits, it is extremely difficult to lock down every potential entry point of risk,” she says.
“This is one reason why it is so incredibly important to touch base with your business partners to check in. Ask what their data security goals are for this year. If there is a long pause, then another, more detailed conversation is warranted. The bottom line is communicate with your business associates to validate how they are protecting your data.”
Lucci predicts that business associate breaches and phishing emails that open the door to ransomware or other malware attacks will continue to plague healthcare.
“The more business associates are aware of ways to improve their practices, the more protected your organization will be,” she notes. “When it comes to email incidents, cybercriminals have been extremely creative in finding new ways to get people to make a fatal click on links and open attachments that contain ransomware or malware.”