9 out of 10 healthcare organisations have dealt with data breaches
unsecured database compensation claims

Data Leak Lawyers - Begin Your Data Breach Claim Today!

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

9 out of 10 healthcare organisations have dealt with data breaches

According to a Ponemon Institute study (Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data) released in May 2016, 90% of all healthcare organisations have ‘dealt with a data breach in the past two years‘.

As we know, data breaches appear to be on an upward trend for a number of reasons, including the greater reliance on digital means of storing and accessing information, as well as because data breach reporting is often mandatory in many countries, and the rules are being tightened.

This latest research doesn’t make for comfortable reading at all…

Under the U.K.’s Data Protection Act (DPA), there isn’t a legal obligation for organisations that hold personal data to report data breaches in all circumstances. However, when the EU General Data Protection Regulation comes into force in May 2018, mandatory data breach reporting may be on the horizon.

This latest study suggests that breaches are becoming more common and more expensive. Cybersecurity researchers suggest that breaches are costing the healthcare industry up to $6.2 billion (£4.8 billion); a staggering amount.

Why is medical data being targeted by hackers?

It’s widely known that, when hospitals and GP surgeries are being attacked, medical records are a target. With medical records becoming more and more digitised these days, the avenues open to cyber-attackers to steal information have increased.

Medical records contain a wealth of information about an individual – all sorts of highly personal and medical data – which is why they’re commonly referred to as ‘treasure troves‘. Cyber-attackers can use this information to blackmail people or the healthcare organisations… They’ll even commit fraudulent activity such as applying for credit or securing prescription drugs by using the stolen information.

Medical information is more at risk of being stolen when it’s digitised, as many healthcare systems are outdated or lack the defences to properly repel attacks. By comparison, stealing credit card information can sometimes be less profitable for cyber-attackers when compared to stealing medical data.

According to International Business Times, cyber-hackers are willing to pay up to 20 times more for health information than they are for credit card information. Credit card companies have also implemented sophisticated fraud detection systems which medical record systems commonly lack.

Cost of cybersecurity

According to the Ponemon study, organisations have increased their expenditure in technology and security budgets. However, this doesn’t seem to have impacted the effectiveness of organisations’ cybersecurity, as 50% of healthcare organisations say they “have little or no confidence that they can detect all patient data loss or theft.”

Of those who haven’t invested in additional cybersecurity measures, the study reports that many organisations actually lack the money and resources to protect their data.

Regardless of size, no healthcare organisation is immune from a data breach. They must invest in order to keep their patients’ personal data safe. Though employee negligence and the use of employee-owned technological devices are threats to data security, cyberattacks remain a primary concern for healthcare organisations as Ransomware, Malware, and Denial-Of-Service (DOS) attacks are the top cybersecurity threats to healthcare organisations in 2016.

The vulnerability of healthcare organisations:

  • Some 69% of healthcare organisations believe they’re more vulnerable to a data breach than any other industry
  • Some 67% of healthcare organisations admitted that they were more alert to an imminent data breach as a result of well-publicised data breaches in the healthcare industry

But surely it shouldn’t take several breaches for a healthcare organisation to realise that they should beef-up their cybersecurity; it should be second nature.

The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy
Contact is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon