Healthcare Cybersecurity: Less Breaches But More People Affected

Healthcare Cybersecurity: Less Breaches But More People Affected

March 6, 2019 Business Insurance and Risk Management, The Beacon Blog 0 Comments

The latest report on healthcare cybersecurity, from cloud security firm Bitglass, has a mix of good and bad news. On the positive side, the number of breaches in 2018 was at a three year low. On the other hand, the average number of affected individuals in a breach was 39,739 – over twice 2017’s average.

Almost 46% of breaches resulted from hacking and IT incidents, while unauthorized access and disclosure caused 36%. Breaches caused by lost or stolen devices were less than one third as many as in 2014.

11.5 million individuals were affected by healthcare breaches in 2018, 67% by hacking or IT incidents.

According to the Ponemon Institute, the cost per record for a healthcare breach increased to $408 in 2018.

The full report can be found at

In its 2019 Breach Briefing, cyber insurer Beazley reported 41% of cyber attacks targeted healthcare entities compared to 20% against financial firms. While breaches at financial firms are usually limited to a single payout, stolen healthcare data can be sold multiple times. Unlike credit card numbers, healthcare data cannot be cancelled.

About the Author

Harry Cylinder

Harry Cylinder, CPCU, ARM has spent nearly fifty years in the insurance industry, the majority of the time as a consultant. He has been employed by The Beacon Group of Companies since 2008, specializing in the review and analysis of property and casualty coverage forms. Mr. Cylinder has been reviewing policy forms as they have evolved over the past decades. In 2008 he published an article in the CPCU Journal which was the first description of cyber insurance coverage for a general insurance audience. Since that time he has regularly written on cyber and other topics for The Beacon Companies’ blog.