Almost one in five (18%) employees within the healthcare industry worldwide said that they might be willing to convey access to confidential medical data about patients to an unauthorized outsider for gain, a survey for Accenture has revealed.
They would expect no over $500 to $1,000 for his or her login credentials or for deliberately installing tracking software or downloading the information to a conveyable drive.
The remaining 82% said that no amount of cash would make them sell the records, in line with the survey, called Losing the Cyber Culture War in Healthcare: Accenture 2018 Healthcare Workforce Survey on Cybersecurity. the matter was particularly acute among provider organizations, as critical payer organizations (21% vs. 12%). Also, and maybe counterintuitively, staff with more frequent cybersecurity training were more inclined to such practices.
Besides, this manner of compromising patient data isn’t a purely hypothetical phenomenon. Roughly one in four (24%) respondents said that they were aware of a co-worker who had made a profit by providing a 3rd party with access to such information.
Accenture noted that such conduct contributes to the fact that healthcare organizations in seven countries spent an estimated $12.5 million each, on average, coping with impacts of cybercrime in 2017. The figure comes from the firm’s report called the 2017 Cost of Cyber Crime Study.
Meanwhile, there was an almost universal (99%) sense of responsibility among the respondents for data security. Nearly all (97%) also claimed that they understand the information security and privacy standards of their organization. And yet there’s some disconnect, united in five (21%) of the healthcare workforce admitted to writing down their login credentials near their computers.
A total of 912 employees of provider and payer organizations were polled for the survey, which was conducted online in November. All the respondents have access to electronic health data like personally identifiable information (PII), payment card information (PCI), and guarded health information (PHI).
In another study by Accenture in 2017, 88% of patients said that they trust their physicians or other healthcare providers to confirm security for his or her electronic medical data. 1 / 4 said that that they had experienced a breach of such data.
Source: https://www.welivesecurity.com/2018/03/09/healthcare-employees-patient-data/
