FREQUENCY: 894 incidents, 571 with confirmed data disclosure. Healthcare is the number one industry for cybersecurity incidents and disclosure(s) of Personally Identifiable Information (PII) and Protected Health Information (PHI).
TOP PATTERNS: Web Applications, Miscellaneous Errors, Email Phishing, and theft of credentials are behind 86% of breaches.
THREAT ACTORS: External (61%), Internal (39%).
ACTOR MOTIVES: Financial (91%), Fun (5%), Espionage (4%).
DATA COMPROMISED: Personal (58%), Medical (46%), Credentials (29%), Other (29%).
TOP PROTECTIVE CONTROLS: Implement a Security Awareness Training Program, Secure Configurations of Enterprise Assets and Software, Access Control Management, Annual Risk Analysis and Testing.
Your employees are still causing breaches but they are over 2 1/2 times more likely to make an error than to maliciously misuse their access. Misdelivery and loss are the most common errors.
HIPAA compliance isn’t a one-time checklist. It’s ongoing, programmatic in nature, and requires demonstrated reasonable diligence to stay in good standing with the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR). ANATOMY_IT. can provide you peace of mind with our expert HIPAA compliance services. To learn more, contact us here.