2014 Was Landmark Year For Health Data Breaches

Greg Slabodkin | Health Data Management | December 26, 2014

When it comes to health data breaches, 2014 was a milestone year. Healthcare organizations accounted for about 42 percent of all major data breaches reported this year, according to the Identity Theft Resource Center.

2014 began with the FBI’s Cyber Division warning industry that healthcare systems and medical devices were at risk for increased cyber intrusions “due to mandatory transition from paper to electronic health records, lax cybersecurity standards, and a higher financial payout for medical records in the black market.” However, the concerns of law enforcement that the healthcare industry was not as resilient to cyber intrusions compared to the financial and retail sectors apparently went unheeded.

In an August filing with the Securities and Exchange Commission, Franklin, Tenn.-based Community Health Systems—with 206 hospitals in 29 states—reported that it had been hacked with protected health information covering 4.5 million patients compromised. The hackers, believed to be operating out of China, copied and transferred non-medical patient identification data from physician practice operations that included names, addresses, birthdates, telephone numbers and Social Security numbers...