Healthcare data breaches 'most likely' to occur in pharmacy
Personal medical information is "most likely" to be stolen from pharmacy systems, new findings have suggested.
According to a global study by consultancy company Accenture – conducted between November 2016 and January 2017 – 13% of 1,000 survey respondents in England have had "their personal medical information stolen from technology systems".
Thirty-five per cent of these breaches occurred in pharmacies, followed by 29% in hospitals, 21% in urgent care clinics, 19% in "physicians' offices" and 14% in "retail clinics", the study found.
The researchers defined a breach as “any scenario where your healthcare data might be accessed, viewed or manipulated by someone who is not authorised to view it”.
In 82% of all reported cases, the medical and personal information was used for “fraudulent activities”, including “fraudulently filling prescriptions” (42%), "fraudulently receiving medical care" (35%), "fraudulently billing for care" (25%), and “accessing or changing medical records” (24%), said Accenture (see their infographic below).
Pharmacy still trusted
Despite the number of incidents reported, 77% of consumers still trust their pharmacy to keep their healthcare data secure, the survey revealed.
Of the consumers in England who experienced a breach, 36% discovered the breach themselves, or noted an error on their health records or credit card statement. Thirty-one per cent were proactively notified either by the organisation where the incident occurred, or by a government agency, and 34% learned about the breach “passively” – for example in the news or via a collection letter for services not received.
Thirteen per cent of consumers in England changed healthcare providers after experiencing a data breach, the report's authors added.
Aimie Chapple, Accenture's managing director of health practice and client innovation in the UK and Ireland, said: “Health organisations must monitor patient information more carefully and remain transparent with those affected in the event of a breach, to swiftly resolve the issue without losing consumers to competitors.”
Is your pharmacy prepared to fend off cyber crime? Get top tips in C+D's latest feature here
Has your pharmacy IT system ever been breached?