DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Veriphyr Survey Finds More Than 70 Percent of Healthcare Providers Suffered Privacy Breach in Past 12 Months

Posted on August 31, 2011 by Dissent

Saw this press release today and thought it worth mentioning here for its statistics:

Veriphyr, a leading provider of Identity and Access Intelligence, today announced the results of new survey on Protected Health Information (PHI) privacy breaches. According to the findings, more than 70 percent of the organizations in the study have suffered one or more breaches of PHI within the last 12 months. Insiders were responsible for the majority of breaches, with 35 percent snooping into medical records of fellow employees and 27 percent accessing records of friends and relatives.

The report, entitled “Veriphyr’s 2011 Survey of Patient Privacy Breaches”, summarizes the findings of a survey of compliance and privacy officers at mid to large sized hospitals and healthcare service providers. Respondents were queried on their perceptions of privacy and compliance initiatives within their organization, adequacy of tools to monitor unauthorized access to PHI, and the number and type of breaches sustained in the past year. A complimentary copy is available here (registration required).

“Given that data breaches of patient information cost healthcare organizations nearly $6 billion annually, we were not very surprised to discover that more than 70 percent of the organizations surveyed were victimized last year,” said Alan Norquist, CEO of Veriphyr. “However, we did not expect the prevalence of insider abuse reported, and that nearly 80 percent of the respondents feel they lack adequate controls to detect PHI breaches in a timely fashion.”

Some of the report’s key findings include:

— Top breaches in the past 12 months by type: — Snooping into medical records of fellow employees (35%)

— Snooping into records of friends and relatives (27%)

— Loss /theft of physical records (25%)

— Loss/theft of equipment holding PHI (20%)

— When a breach occurred, it was detected in: — One to three days (30%)

— One week (12%)

— Two to four weeks (17%)

— Once a breach was detected, it was resolved in: — One to three days (16%)

— One week (18%)

— Two to Four weeks (25%)

— 79% of respondents were “somewhat concerned” or “very concerned” that their existing controls do not enable timely detection of breaches of PHI

— 52% stated they did not have adequate tools for monitoring inappropriate access to PHI


Related:

  • HHS OCR Settles HIPAA Ransomware Investigation with Syracuse ASC for $250k plus corrective action plan
  • Two more entities have folded after ransomware attacks
  • Data breach feared after cyberattack on AMEOS hospitals in Germany
  • Premier Health Partners issues a press release about a breach two years ago. Why was this needed now?
  • Theft from Glasgow’s Queen Elizabeth University Hospital sparks probe
  • North Country Healthcare responds to Stormous's claims of a breach
Category: Health Data

Post navigation

← Oakland man sentenced for aggravated identity theft and credit card fraud
Law requiring Florida pharmacists to send drug information to state starts Thursday →

1 thought on “Veriphyr Survey Finds More Than 70 Percent of Healthcare Providers Suffered Privacy Breach in Past 12 Months”

  1. Anonymous says:
    September 13, 2011 at 9:55 am

    The risks of solutions from companies like Veriphyr are that care providers are being asked to provide their data to an unproven third party business associate which, as we have seen in the New York Times, can be extremely risky to a care provider’s reputation, as well as financially damaging: http://www.nytimes.com/2011/09/09/us/09breach.html

    Secondly, since the company’s business model is “free”, what happens to all of the care provider’s data if Veriphyr goes out of business? Since the company is by definition under-resourced, they face a big challenge in ensuring that as a Business Associate they have put themselves under privacy & security scrutiny that their customers go under.

    Leading care providers cannot afford to take major risks with regulatory obligations on patient privacy and should look to vendors with proven customers, proven solutions that map to regulatory compliance and are proven to be viable.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure
  • Hacker group “Silent Crow” claims responsibility for cyberattack on Russia’s Aeroflot
  • AIIMS ORBO Portal Vulnerability Exposing Sensitive Organ Donor Data Discovered by Researcher
  • Two Data Breaches in Three Years: McKenzie Health
  • Scattered Spider is running a VMware ESXi hacking spree
  • BreachForums — the one that went offline in April — reappears with a new founder/owner
  • Fans React After NASCAR Confirms Ransomware Breach
  • Allianz Life says ‘majority’ of customers’ personal data stolen in cyberattack (1)
  • Infinite Services notifying employees and patients of limited ransomware attack
  • The safe place for women to talk wasn’t so safe: hackers leak 13,000 user photos and IDs from the Tea app

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Congress tries to outlaw AI that jacks up prices based on what it knows about you
  • Microsoft’s controversial Recall feature is now blocked by Brave and AdGuard
  • Trump Administration Issues AI Action Plan and Series of AI Executive Orders
  • Indonesia asked to reassess data privacy terms in new U.S. trade deal
  • Meta Denies Tracking Menstrual Data in Flo Health Privacy Trial
  • Wikipedia seeks to shield contributors from UK law targeting online anonymity
  • British government reportedlu set to back down on secret iCloud backdoor after US pressure

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.