Healthcare data breaches: Insights and Implications.

by Editor


From the year 2005 to 2019, the number of individuals affected by healthcare data breaches was 249.09 million. Out of which, 157.40 million individuals were affected from 2014 to 2019. Similarly, in 2020, over 34 million individuals were affected, followed by 45 million in 2021 alone. According to The Office for Civil Rights Department of Health and Human Services)

Due to advancements in IoT, smart devices, and information systems, healthcare systems have become computer-based. All the data and records are managed via computers and are stored in local or remote servers. These technologies have helped healthcare move from a paper-based system to Electronic Health Record (EHR) system. The EHR systems got much popularity in less time as they are cost-effective, fast, and better than many healthcare organizations adopting them.

E-health data is highly receptive, targeted most frequently by attackers. A long-term analysis of data breaches showed that healthcare records were exposed by internal and external attacks, such as hacking, theft/loss, unauthentic internal disclosure, and the improper disposal of unnecessary but sensitive data.

This article will aim at sharing insights on healthcare data breaches and the implications that these incidents can have on organizations that suffer from them. It will also serve as a guide for healthcare organizations to prevent or mitigate the impact of such occurrences.

Why is Healthcare Industry a Primary Target of Cyber-attacks?

The biggest reason the healthcare industry is the primary target of cyber-attacks is that the attackers get worth millions of dollars of data in a single breach. Healthcare is a $1.2 trillion industry. The hospitals and clinics have enough financial resources to pay the ransomware in the private sector. Whereas in the public sector, the situation is the opposite.

Another reason is the reliance of hospitals and clinics on outdated systems with minimal resilience to cyberattacks. On the other hand, the organizations using modern healthcare facilities are still vulnerable to security breaches even though they use electronic data sharing and virtual services to facilitate patients.

Furthermore, the healthcare industry is more prone to cyber-attacks due to its slow adoption of cybersecurity technologies and measures. According to IBM’s survey, only 23% of hospitals have deployed security automation tools. Only 6% or less IT budget in healthcare organizations is dedicated to cybersecurity, according to the HIMSS survey.

Healthcare data insights show that the number of individuals affected from 2015 to 2021 was three hundred twenty-eight million and ninety thousand. You can easily determine how much data could be stolen in a single data breach from this number.

Moreover, according to Black Book Market research, more than 93% of healthcare organizations faced data breaches in the past three years, and 57% had more than 5 data breaches in the same time frame.

Costs of Healthcare Data Breaches:

One of the primary reasons healthcare organizations are the target of cyber attackers is financial gain. According to a report published by IBM, a typical healthcare data breach costs $6.45 million to the organization. Usually, it fetches $8.19 million. However, an average data breach (25,575 compromised records) costs $15 million in the USA.

How do Cyber-attacks Happen in Healthcare?

Because healthcare organizations hold so much information of significant monetary and intelligence value to cybercriminals and nation-state actors, they are particularly vulnerable to and targeted by cyberattacks. Protected health information (PHI) of patients, financial information such as credit card and bank account numbers, personally identifying information (PII) such as Social Security numbers, and intellectual property relating to medical research and innovation are among the data sets targeted.

The most significant reasons for the security breaches in healthcare organizations are an inadequate employee and client training and the lack of usable security measures. Healthcare professionals are not tech-savvy enough to understand the consequences of a cyber-attack. According to HelloHealth, 90% of security breaches in the health sector happen due to human error, which means that hospital or clinic employees’ unintentional actions, such as downloading or clicking an attachment infected by malware, cause the data breaches.

The insiders are the other source for cyber attackers that help them steal the patient’s data. People working in any healthcare organization with access to confidential data sell that data to cybercriminals and earn a profit. One of the Accenture reports mentions that 29% of healthcare professionals knew someone selling the authorized access to the patient’s data. 47% of the healthcare professionals who took part in the survey mentioned that they were aware of data breaches in their organizations, out of which many were not reported.

The lack of cybersecurity experts is also one reason the healthcare sector faces many security breaches. The Black Book Research found that it takes healthcare organizations 70% more time to hire a cybersecurity professional than other IT jobs. This means that due to the lack of talent in cybersecurity, healthcare organizations are left with no choice except to rely on IT professionals with less or no knowledge to secure the institutions against data breaches and ever-evolving cyber attacks.

Type of Hacking and Cyberattakcs that Result in Healthcare Data Breaches:

Nowadays, stealing personal health information (PHIs) is common in the black market. According to Infosec Institute, a PHI could cost up to $363. For healthcare organizations, the cost per stolen record reaches approximately $355, whereas, for non-healthcare companies, it is almost $158 (half of what it is for the healthcare sector). From these stats, you can determine why healthcare is the primary target of cybercriminals.

However, different types of cybersecurity threats are faced by healthcare organizations:


Malware is any software, link, or email, that infects the organization’s data as soon as someone clicks on it. Once a user clicks on malware, it hacks the organization’s data, steals, deletes, or misuses it while blocking critical files and applications access.

Ransomeware and Spyware:

Ransomeware is malware in which the attacker encrypts the files and data and demands some ransom to restore or decrypt the files. However, paying the ransom does not guarantee access or unlocking the files and data. In the first ten months of 2020, the ransomware attacks in healthcare organizations jumped 45%, which was more than double that of other industries.

Spyware is another malware. It is a way to monitor and report the activities of an individual or an organization to a third party for wicked actions.

Phishing and Spear Phishing:

A cyberattack in which the attacker approaches the employees of an organization in one way or another, such as via email, phone call, text message, or any other media acting as a legitimate professional or institution to gather some sensitive information. This information could be passwords, credit card details, and other personally identifiable information.

Spear Phishing is the same as phishing, except it targets specific individuals and organizations. It is much more difficult to detect and has become the cyberattack of choice due to remote health workers and fewer cybersecurity measures.

Denial of Service Attacks:

The denial of service attack targets a specific server, network, or IoT device by bringing up the flood of Internet traffic with an intent to exhaust the resources and bandwidth. Denial of Service attack prevents the healthcare professionals from accessing the network or devices to provide healthcare services or access the sensitive information for their jobs.

How can Healthcare Industry Avoid Data Breaches?

Healthcare organizations are expected to spend $125 billion on cybersecurity to avoid data breaches and security issues. As discussed earlier, the lack of proper education and staff training, and cybersecurity experts, the healthcare sector faces the most significant data breaches among the other industries. The appropriate staff training and education can help healthcare organizations secure their systems and avoid data breaches. Some of the measures that the health sectors can take are as follows:

  • Investing in better IT infrastructure and staff training.
  • Up-to-date cyber planning.
  • Implementing Mobile Device Management (MDM) and Endpoint Detection and Response (EDR) to mitigate the security risks.
  • Investing in the latest technology and cybersecurity infrastructure.
  • Conducting the training to educate the employees and healthcare professionals to learn about the systems and avoid opening or clicking any corrupted files.
  • Consulting to a data center to store their data remotely. The data center will then be responsible for managing and securing the data from the cyber-criminals and any kind of cyberattacks.
  • Conducting data analysis to record which data is being generated in which department and what information is being transferred from one place to another.
  • Using time series analysis for data breach forecasting and risk forecasting.

Pro-Tip: Use Protected Harbor:

Protected Harbor builds a custom protocol for your firm from the ground up to safeguard your data center in the healthcare and medical industries against cyberattacks, outages, and downtime, among other things. Protected Harbor does this while ensuring HIPAA Compliance and securing the PHIs and EHRs. You can use this data center to avoid any risks associated with your data.

Why Choose Protected Harbor?

  • Enhanced security
  • 9% uptime
  • Highest regulatory standards
  • Experienced IT expert team
  • 24×7 remote monitoring


The implication is that the Healthcare sector is the primary target for cybercriminals as almost every one of us uses healthcare facilities. The amount of data generated, stored, and exchanged by healthcare organizations is extensive. This data includes sensitive data, electronic health records, and patients’ personal health information. Furthermore, all the information regarding internal entities is included in that data. Data confidentiality is difficult in this era of technology, networks, and the Internet as there are so many sources for cybercriminals to hack the systems used in the healthcare sector. The internal entities also serve as a source of providing authorized access to these criminals.

You may also like

Leave a Comment

Even More News