Cyberthreats: A primer for healthcare professionals.

Tin, Derrick; Hata, Ryan; Granholm, Fredrik; Ciottone, Robert G; Staynings, Richard; Ciottone, Gregory R

Tin, Derrick; Hata, Ryan; Granholm, Fredrik; Ciottone, Robert G; Staynings, Richard; Ciottone, Gregory R.

Tin D; Disaster Medicine Division, Department of Emergency Medicine, Beth Israel Deaconess Medical Center and Harvard Medical School, United States. Electronic address: dtin@bidmc.harvard.edu.
Hata R; Disaster Medicine Division, Department of Emergency Medicine, Beth Israel Deaconess Medical Center and Harvard Medical School, United States. Electronic address: rhata1@bidmc.harvard.edu.
Granholm F; Swedish Air Ambulance (SLA), Mora, Sweden. Electronic address: fredrik.granholm@regiondalarna.se.
Ciottone RG; Disaster Medicine Division, Department of Emergency Medicine, Beth Israel Deaconess Medical Center and Harvard Medical School, United States. Electronic address: rciotton@bidmc.harvard.edu.
Staynings R; University of Denver, University College, United States. Electronic address: richard.staynings@du.edu.
Ciottone GR; Disaster Medicine Division, Department of Emergency Medicine, Beth Israel Deaconess Medical Center and Harvard Medical School, United States. Electronic address: gciotton@bidmc.harvard.edu.

Am J Emerg Med ; 68: 179-185, 2023 06.

Article in English | MEDLINE | ID: covidwho-2319898

ABSTRACT

ABSTRACT

INTRODUCTION:

Cyberattacks are one of the most widespread, damaging, and disruptive forms of action against healthcare entities. Data breaches, ransomware attacks, and other intrusions can lead to significant cost both in monetary and personal harm to those affected and may result in large payouts to cyber criminals, crashes of information technology systems, leaks of protected health and personal information, as well as fines and lawsuits. This study is a descriptive analysis of healthcare-related cyber breaches affecting 500 or more individuals in the past decade in the United States.

METHODS:

The publicly available U.S. breach report database was downloaded in the Microsoft Excel (Microsoft, Redmond, Washington, USA) format and searched for all reported breaches occurring between January 1, 2011 - December 31, 2021 (10 years). Breaches were subdivided by category and analyzed by states, breach submission dates, types of breach, location of breached information, entity type, and individuals affected. All subcategories were predefined by the breach report.

RESULTS:

There were a total of 3822 PHI breaches that affected 283,335,803 people in the United States from January 1, 2011 to December 31, 2021. Of the 3822 PHI breaches, 1593 (41.7%) were hacking/ IT related, 1055 (27.6%) were listed as unknown, 819 (21.4%) were theft related, 194 (5.1%) were loss related, 97 (2.5%) were related to improper disposal and 64 (1.7%) were listed as "others". Year 2020 saw the most breaches with 631 and California was the state with the highest number of breaches at 403.

CONCLUSION:

Cyberattacks and healthcare breaches are one of the most costly and disruptive situations facing healthcare today. A total of 3822 breaches affecting 283,335,803 people in the United States were recorded from January 1, 2011 to December 31, 2021. By understanding the extent of cyberthreats this will better prepare healthcare organizations and providers to mitigate, respond, and recover from these devastating attacks.

Subject(s)

Computer Security; Confidentiality; Humans; United States; Health Facilities; Washington; Electronic Health Records

Fulltext

XML

PubMed Links

Search on Google

Full text: Available Collection: International databases Database: MEDLINE Main subject: Computer Security / Confidentiality Type of study: Prognostic study Limits: Humans Country/Region as subject: North America Language: English Journal: Am J Emerg Med Year: 2023 Document Type: Article

Similar

MEDLINE

LILACS

LIS

Fulltext

XML

PubMed Links

Search on Google