More than hackers trying to breach through your data, hospitals, doctor’s offices and even insurance companies could also be leaking out your identity, new research shows.
Researchers from Michigan State University (MSU) and Johns Hopkins University found that more than half of the recent personal health information or PHI, data breaches were caused because of internal negligence by medical providers, not just because of hackers or eternal parties.
“This can be an employee taking PHI home or forwarding to a personal account or device, like sending to the wrong recipients, accessing data without authorization, or even through email mistakes, copying instead of blind copying or sharing of unencrypted content,” said lead author John (Xuefeng) Jiang, Associate Professor at MSU.
“Hospitals, doctors’ offices, insurance companies, small physician offices and even pharmacies are making these kinds of mistakes and putting patients at risk,” Jiang added.
For the study, published in JAMA Internal Medicine, the team reviewed nearly 1,150 cases between October 2009 and December 2017 that affected over 164 million patients in the US.
These cases fell into six different categories: theft, unauthorised access, hacking or an IT incident, loss, improper disposal or other.
And more than half of the cases (53 per cent) were triggered by internal negligence, while one quarter was caused by unauthorised access or disclosure, more than twice the amount that was created by external hackers, Jiang continued.
However, of the external breaches, theft accounted for 33 per cent with hacking credited for just 1 per cent.
While secure software and hardware security can protect us from theft and hackers, the following procedures such as moving from paper to digital medical records, safe storage, moving to no-mobile policies for patient-protected information and implementation encryption can help mitigate this crime, the researchers suggested.