As we enter a new year, it’s a good time to review the status of data breaches, HIPAA hazards, and the state of security risk with some statistics:
- The average cost of a data breach in the United States is $9.05 million. The average cost is higher in organizations with greater compliance failures.
- Only 25% of employees are “very confident” they can identify a social engineering attack.
- 76% of healthcare employees have received security awareness training. That means 24% have not.
- 24% of employees believe “clicking on a suspicious link or attachment in an email represents little or no risk.”
- Only 31% of employees think “allowing family members of friends to use work devices for personal activities outside of work” is risky.
- In the past 12 months, 94% of organizations have had an insider data breach. The most common cause is human error.
- As many as 90% of data breaches are phishing attacks
It is always eye-opening to review the latest HIPAA stats – because they get colder and harder every year. Especially in healthcare.