Surge in HIPAA Data Breaches likely in 2014

by | Dec 14, 2013

Experian credit bureau has released a new report that predicts that 2014 will see a surge in  data breaches. The report also foresees that the healthcare industry will most targeted.

The report says that the reason healthcare is so attractive to hackers is the sheer size of the industry. There is what the report labels an “expanded attack surface for breaches,” due to new EHRs and Health Insurance Exchanges (HIEs), while the worth and volume of data held hakes healthcare providers attractive targets for hackers.

Experian provides credit monitoring services, but also helps clients to recover from data breaches. The company indicated that almost half of data violations that it dealt with last year were from the healthcare industry.

The report refers to a number of reasons why data breaches are expected to increase, and indicates it is mainly due to the huge organizational infrastructure changes that are needed under the Affordable Care Act, HIPAA, HITECH and other legislation together with general unpreparedness, a massive number of people who have access to data and general tightening of the rules surrounding data access.

However, many data violations are being caused accidentally. Doctors now have to become more involved in the document management process and they are not ideally equipped for that or prepared to take on the responsibility. Unfortunately, laptop computer theft and the loss of other devices is proving to be a major issue.

It is the low-tech data breaches which really must be focused on, although many organizations are concerned with avoiding highly sophisticated attacks using malware, viruses and complex phishing attacks.

The purchase of a firewall is very important, but some people then fail to turn it on. Anti-virus software is installed, yet not set to automatically install updates. Anti-malware software is not activated and rooms storing IT equipment such as network servers are left unlocked and  with no active alarm. These are issues which must be immediately tackled to prevent data breach violations.

The report portrayed that out of the 2,200 violations, three in the top ten were caused by human error and careless security practices. Default logins and passwords not being amended or disclosures of passwords can, and do, lead to data violations.

The report placed the value of healthcare data at an estimated $12 a record, but some data is more valuable and if healthcare data is taken into account, records can sell for more than $50 – the reason being healthcare data enables criminals to commit insurance and medical fraud.

Due to the high potential of suffering a data breach it is essential that organizations get ready and have an active breach response plan. It is highly probable that it will need be put to use.

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.


Please enable JavaScript in your browser to complete this form.

Patrick Kennedy

Patrick Kennedy is a highly accomplished journalist and editor with nearly two decades of experience in the field. With expertise in writing and editing content, Patrick has made significant contributions to various publications and organizations. Over the course of his career, Patrick has successfully managed teams of writers, overseeing the production of high-quality content and ensuring its adherence to professional standards. His exceptional leadership skills, combined with his deep understanding of journalistic principles, have allowed him to create cohesive and engaging narratives that resonate with readers. A notable area of specialization for Patrick lies in compliance, particularly in relation to HIPAA (Health Insurance Portability and Accountability Act). He has authored numerous articles delving into the complexities of compliance and its implications for various industries. Patrick's comprehensive understanding of HIPAA regulations has positioned him as a go-to expert, sought after for his insights and expertise in this field. Patrick's bachelors degree is from the University of Limerick and his master's degree in journalism is from Dublin City University. You can contact Patrick through his LinkedIn profile:

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.

Comprehensive HIPAA Training

Used in 1000+ Healthcare Organizations and 100+ Universities

    Full Course - Immediate Access

    Privacy Policy