BRENTWOOD, Tenn. – July 23, 2024 – Fortified Health Security (Fortified), a Best in KLAS managed security services provider (MSSP) specializing in healthcare cybersecurity, today released the 2024 Mid-Year Horizon Report, a semiannual publication on cybersecurity news, trends, and guidance for healthcare organizations.
The report highlights an alarming reality in the wake of major data breaches to Change Healthcare and Ascension, which have yet to be reported to the Office for Civil Rights (OCR): Healthcare organizations are being targeted with severe consequences for patients and providers.
“Breaches to healthcare organizations are being carried out at an unprecedented scale, and what we’re reporting on now is only the tip of the iceberg, said Dan L. Dodson, Chief Executive Officer at Fortified. “Healthcare cybersecurity is complex, nuanced, and fast-changing, and we hope this report will serve as a resource for leaders prioritizing cyber preparedness and resilience.”
The Mid-Year Horizon Report includes expert contributions on business continuity, access controls and the legislative landscape in healthcare cybersecurity. The report also provides important data breach statistics, building on those published in Fortified’s annual report earlier this year. Key insights from the mid-year report include:
- Despite the number of breaches reported by Business Associates (BAs) decreasing by 35% year-over-year, BA-related breaches still account for almost 39% of all reported breaches
- Breaches to network servers currently account for the highest number of breaches, but breaches by unauthorized access or disclosure are expected to rise following Change Healthcare and Ascension incidents
- Breaches to healthcare organizations stemming from “unauthorized access or disclosure” have soared in recent years, highlighting the urgent need for stronger access controls
“Despite notable legislative progress this year, including increased support from policymakers and the HHS’s release of Cybersecurity Performance Goals, healthcare still faces significant challenges,” said Dodson. “Throughout the rest of 2024 and beyond, healthcare organizations will likely experience increased pressure to strengthen their security measures to protect patient information, adhere to regulatory compliance, and ensure operational integrity.”
The full report is available for download here.