From January to June 2024, 387 data breaches involving 500 or more records were reported to the Office for Civil Rights (OCR), marking an 8.4% increase compared to the first half of 2023 and a 9.3% increase compared to 2022.
Of the reported breaches, 301 were hacking incidents, accounting for 77.78% of the total, exposing 45.5 million patient records. An IBM Security study found that human error contributes to 95% of breaches, with the most common cause being employees clicking on infected links or email attachments.
To combat the growing cyber threats, healthcare organizations are urged to take proactive steps, including conducting regular SRA, providing thorough employee training on cybersecurity best practices, and establishing and enforcing robust policies and procedures. Healthcare organizations can access resources like the Security Risk Assessment Tool and the HIPAA Compliance Checklist to improve their compliance efforts.
The future of healthcare cybersecurity will likely see advancements in AI and machine learning technologies to enhance threat detection and response. As AI becomes more integrated into cybersecurity frameworks, healthcare organizations will need to stay ahead of emerging threats and leverage these technologies to protect patient data. The expansion of remote care and telehealth services will also require stronger security measures to safeguard sensitive information in increasingly digital and interconnected healthcare environments.
Related: How AI is revolutionizing email breach detection and response
The increase in healthcare data breaches can be attributed to various factors, including more sophisticated cyberattacks, such as ransomware and phishing, and human error, which often involves employees clicking on infected links or email attachments.
The data breaches in the first half of 2024 resulted in the exposure of 45.5 million patient records.
Advancements in AI and machine learning are expected to enhance threat detection and response, allowing healthcare organizations to stay ahead of emerging cyber threats and protect patient data more effectively.
Read more: How AI and automation are changing the face of HIPAA compliance