"Third-Party Risk Contributes to Healthcare Data Breaches"

The number of Americans impacted by health data breaches has surpassed the country's population of 331.9 million. According to federal statistics, this indicates that many individuals have been affected by more than one incident. In just the past three years, the number and frequency of data breaches have nearly doubled, from 368 in 2018 to 715 in 2021. Over 330 data breaches involving 500 or more records were reported to the Office for Civil Rights (OCR) of the US Department of Health and Human Services (HHS) during the first half of 2022. IBM's 2022 Cost of a Data Breach research revealed that the average cost per incidence of a healthcare data breach reached $10.1 million, which is a 9.4 percent rise over the previous year. Third-party vendors contribute greatly to the threat of cyberattacks on the healthcare sector. OCR data showed that healthcare providers made up 72 percent of healthcare data breaches in the first half of 2022. Business associates accounted for 16 percent of breaches, while health plans accounted for 12 percent. During the first six months of 2022, healthcare data breaches compromised more than 19 million patient records. A handful of organizations were behind the massive amounts of lost data, as seven entities each experienced data breaches involving more than 490,000 records (6.2 million records total). This article continues to discuss where healthcare data breaches are occurring, notable third-party breaches that have impacted healthcare organizations, and how to mitigate third-party risk. 

Security Intelligence reports "Third-Party Risk Contributes to Healthcare Data Breaches"