Bitglass Research Shows Device Theft Dominates Healthcare Data Breaches

68 Percent of Healthcare Data Breaches Due to Loss or Theft of Devices, Not Hacking

Medical Records Projected to Surpass Credit Cards to Become Top Target for Hackers


CAMPBELL, CA--(Marketwired - Nov 4, 2014) - Bitglass, the Total Data Protection company, today announced the findings from its 2014 Healthcare Breach Report. Bitglass analyzed healthcare data breaches from the past three years and found that 68 percent of breaches since 2010 occurred because devices or files were lost or stolen, while only 23 percent were due to hacking. The report also found that more than 76 percent of all records breached were the result of loss or theft. The findings come from analyzing data on the United States Department of Health and Human Services' "The Wall of Shame," a database of breach disclosures required as part of the Health Insurance Portability and Accountability Act (HIPAA).

"Nearly half of all data breaches reported in the U.S. are healthcare related," said Nat Kausik, CEO of Bitglass. "While major hacking events more commonly make headlines, our research shows that unprotected data on lost or stolen devices represents the majority of breach activity in healthcare. Some of these devices contain hundreds of thousands of records. This reaffirms the need for healthcare organizations to reevaluate their security and compliance strategies."

Recent studies have also shown that healthcare data is 50 times more valuable than credit-card information on the black market. Unlike fraudulent charges made on stolen credit cards, which financial institutions will cancel, compromised protected health information (PHI) is the responsibility of the patient.

"The credit card industry's efforts to adopt chip-and-PIN technology will further devalue stolen credit-card information, making healthcare data an even more attractive target for hackers. And unlike credit cards, which limit personal liability for fraudulent transactions, there are no such protections in place for victims of healthcare fraud," said Rich Campagna, vice president of products at Bitglass.

The report is available here: http://pages.bitglass.com/pr-2014-healthcare-breach-report.html

Bitglass Is Recommending Two Key Considerations for Healthcare Data Security in Today's World of Cloud Apps and Mobile Devices

Secure Data, not Devices or Networks: By securing sensitive data as it flows down to end-user devices, health care organizations ensure that even if the device is lost or stolen, sensitive data is not compromised. Technologies such as on-the-fly encryption, redaction, DLP and DRM on sensitive data must be dynamically and automatically applied by policy.

Make Data Security a User-Friendly Experience: Mobility enables healthcare workers to spend more time on their patients. Any solution that hinders productivity is bound to attract workarounds that defeat security policies. In the same vein, security solutions should be easy to deploy and maintenance should not be burdensome, as it does is not easily scale and can become costly.

About Bitglass

Bitglass (bitglass.com) delivers innovative technologies that transcend the network perimeter to deliver total data protection for the enterprise -- in the cloud, on mobile devices, on the network and anywhere on the Internet. Bitglass was founded in 2013 by a team of industry veterans with a proven track record of innovation and execution. Bitglass is based in Silicon Valley.

Contact Information:

Press Contact
Travis Anderson
Trainer Communications for Bitglass
(925) 271-8227