Health care 'disproportionately affected' by data security incidents

Written by Colin Marrs on 2 June 2017 in News

Information Commissioner's Office shows sharp increase in data breach incidents in central government and courts sectors.

ICO releases four years' worth of data on security breaches - Photo credit: Tobias Felber/DPA/Press Association Images

Health care organisations made up almost half of data breaches in the four years to the end of December, according to new figures from the Information Commissioner’s Office.

Data covering private and public sectors shows that health care organisations suffered 2,447 incidents between January 2013 and December 2016 43% of the total.

The second highest sector for breaches was local government, with 642 reported incidents – just 11% of all incidents.

Commenting on the data, Tony Pepper, chief executive and co-founder of Egress Software Technologies, said: “Following the WannaCry exploit, the vulnerability of the healthcare industry, and the critical importance of improving its cybersecurity, has come into sharp focus.”

The data, collected by Egress, showed that human error was attributable to human error in more than half of the cases reported to the ICO.

Incidents down to theft or loss of paperwork made up 24% of incidents, while data posted or emailed to the incorrect recipient made up 28%. Failure to redact data accounted for 5%.

“While it’s clear there is a security problem in healthcare, these figures show that it is as much about internal activity as external threat,” Pepper said.

“There’s no doubt that someone inadvertently emailing a spreadsheet containing sensitive patient details to the wrong person isn’t as good a headline as a ransomware attack, but that does not diminish the threat it poses.”

The courts and justice sector has experienced the most significant increase in incidents, a 290% jump since 2014, placing it in the top five worst affected industries by the end of 2016.

Other significant increases were seen in the central government and finance industries, with 33% and 44% rises, respectively.

Share this page



Please login to post a comment or register for a free account.

Related Articles

Test and trace scheme to keep citizens’ personal data for 20 years
29 May 2020

PHE also reveals outsourcers Serco and Sitel will process sensitive information and claims length of retention is ‘because Covid-19 is a new disease’

DCMS quizzed over guidance for dating sites
12 May 2020

No specific guidance has been issued for sector, but minister says department would ‘expect everyone to be aware’ of social distancing 

Related Sponsored Articles

Interview: CyberArk EMEA chief on how government has become a security leader
29 May 2020

PublicTechnology talks to Rich Turner about why organisations need to adopt a ‘risk-based approach’ to security – but first make sure they get the basics right