New York sources reported that more than hackers trying to breach your personal data, hospitals, doctors' offices and even insurance companies could be leaking out your identity, new research shows. Meanwhile researchers from Michigan State University (MSU) and Johns Hopkins University found that more than half of the recent personal health information, or PHI, data breaches were because of internal negligence by medical providers not because of hackers or external parties.
Lead author John (Xuefeng) Jiang, Associate Professor at MSU said "This could be an employee taking PHI home or forwarding to a personal account or device, accessing data without authorization, or even through email mistakes, like sending to the wrong recipients, copying instead of blind copying or sharing unencrypted content”. Jiang said "Hospitals, doctors' offices, insurance companies, small physician offices and even pharmacies are making these kinds of errors and putting patients at risk”.
Accordingly the cases fell into six categories: theft, unauthorized access, hacking or an IT incident, loss, improper disposal or other, where more than half of the cases (53%) were triggered by internal negligence, while one quarter were caused by unauthorized access or disclosure more than twice the amount that were caused by external hackers, Jiang said.
Of the external breaches, theft accounted for 33% with hacking credited for just 12%.
