Almost half (43 per cent) of all data breaches in the UK happen in the health sector. This statistic was released by Egress, a UK data security and encryption company.
Releasing data from the Information Commissioner’s Office (ICO), its report says it’s human error that is the main cause of incidents, not external threats.
There have been a total of 2,447 data breaches in the period between January 2014 and December 2016. According to the report, that’s almost four times more than the second highest sector, which is the local government.
The number of incidents rose 20 per cent year-on-year, from 184 in Q4 2014, to 221 in Q4 2016.
In those 221 incidents, human error was the main cause, including loss of paperwork (24 per cent), data being faxed or posted to the wrong participant (19 per cent), being emailed to the wrong person (9 per cent), and failure to redact data (5 per cent).
“Following the WannaCry exploit, the vulnerability of the healthcare industry, and the critical importance of improving its cybersecurity, has come into sharp focus,” said Tony Pepper, CEO and co-founder of Egress Software Technologies. “While it’s clear there is a security problem in healthcare, these figures show that it is as much about internal activity as external threat.
“There’s no doubt that someone inadvertently emailing a spreadsheet containing sensitive patient details to the wrong person isn’t as good a headline as a ransomware attack, but that does not diminish the threat it poses.”
Image source: Shutterstock/Wichy