Those of us in the Northern Hemisphere are well into our summer routines at this point - backyard barbeques, longer days, and warmer (or much too warm!) weather is being enjoyed by all. That’s the ideal, at least. Just as they say there’s no rest for the wicked, there is also no rest for those charged with protecting our personal data (PHI, PII, and beyond) data. It’s a 24/7 job, and it’s not going away anytime soon.
In international news, malicious attacks are taking place around the globe. Hackers are working to steal information from major government departments:
- In Russia, hackers are stealing secret project information of the Federal Security Service
- In Bulgaria the target was private details on every working adult in the country
- In the US, according to the Department of Education, hackers were looking to exploit an ERP vulnerability of 62 colleges
Additionally, two major reports have recently been released. Findings (detailed below) indicate that we shouldn’t expect privacy matters to wane in complexity or urgency any time soon.
Data Threat Report
The 2019 Thales Data Threat Report on the state of healthcare industry revealed that 70% of US healthcare organizations have experienced a data breach, one-third reportedly in the last 12 months. One area of concern: 100% of the organizations surveyed are collecting, storing, and sharing sensitive data, while only 38% or less are encrypting the data environments.
2019 Cost of a Data Breach Report
The statistics above are especially concerning because, according to the recently released Cost of a Data Breach Report, Healthcare is the most costly industry for data breaches according to the summary findings - over 60% more than other industries in the study. Other findings of note:
- Average time to identify and contain a breach: 279 Days
- Data breaches in the US continue to outpace breaches in other countries - more than double the cost.
- The cost of a data breach has risen 12% over the past 5 years.
...it’s not all bad news, however. The report also found that companies with an incident response team and a well-practiced response plan experienced $1.23 million less in data breach costs on average than those that had neither measure in place. There is also a dollar amount savings associated with the speed at which you resolve a privacy incident - basically, the faster you contain and remediate a breach, the less costly the outcome.
If you’d like to share what privacy and data breach news is currently on your radar, we would love to hear from you at firstname.lastname@example.org.