The healthcare industry remains the top target of computer hackers, according to a new report by the Identity Theft Research Center. The center said Wednesday that 322 healthcare organizations suffered data breaches in 2022 — the third year in a row the industry led all others in the number of data compromises.
Healthcare firms accounted for 19% of the 1,802 breaches last year, followed by financial services companies with 268 breaches, manufacturing and utilities with 249 breaches and professional services firms with 224 breaches. In 2021, healthcare accounted for 15% of breaches tracked by ITRC.
The possible theft of data by bad actors underscores the need for providers to ensure that HIPAA compliance is the bedrock for building privacy and security, according to Compliancy Group CEO Mark Haskelson, whose company provides automated HIPAA solutions for healthcare firms.
“It is impossible to prevent every data breach, especially when it happens outside of your organization, but HIPAA compliance can limit your liability and expose potential problems with suppliers through the due diligence that takes place while forging a business associate agreement,” he said.
Home care companies are among the healthcare organizations that have come under attack by hackers in recent years. Earlier this month, Home Care Providers of Texas filed a notice with the Texas attorney general’s office reporting that hackers encrypted and removed files from the company’s computer network. The company said the personal and financial information of more than 124,000 patients may have been compromised.
Last fall, Atlanta-based home care provider Aveanna Healthcare agreed to pay $425,000 to the Massachusetts attorney general’s office for failing to protect the personal information of patients and employees from phishing attacks. The state claimed Aveanna failed to protect up to 4,000 residents from hackers who may have accessed their personal and financial information during a series of attacks in 2019.
Data breaches began to spike in 2020, according to a data breach report from IBM and the Ponemon Institute. Annual data breach costs in 2022 averaged 4.35 million, a 2.6% increase from 4.24 million in 2021.
