lolloj - Fotolia

One in eight people have suffered a healthcare data breach

A quarter of victims had their NI number compromised and 18% saw their biometric identifiers compromised, but most people trust healthcare providers with their data

One in eight consumers in England have had private medical information about them stolen from systems that lack the right level of security, according to a survey.

The survey of 1,000 people in England showed that most (78%) think healthcare providers should be responsible for protecting this information, while only 40% believe they themselves have responsibility.

The findings, from a survey of 7,580 people carried out by Accenture in seven countries, revealed that more than half (56%) of data breaches in England concerned medical identity theft and that people who have experienced a breach lost an average of £172 as a result.

Pharmacies were the most likely to be the weak link in security, according to respondents, with 35% claiming that a breach happened at a pharmacy. This compared with 29% who blamed a hospital, 21% an urgent care clinic, and 19% a doctor’s office.

A quarter of victims had their NI number compromised and 18% saw their biometric identifiers compromised. The stolen data was used for fraud, according to 82% of victims.
“Patients must remain more vigilant than ever in keeping track of personal information, including credit card statements and health records, which could alert them to breaches,” said Aimie Chapple, managing director of Accenture’s UK health.

“Similarly, health organisations must monitor patient information more carefully and remain transparent with those affected in the event of a breach to swiftly resolve the issue without losing consumers to competitors.”

Read more about healthcare data security

Although breaches are occurring, 84% of the people surveyed still trust healthcare providers to keep their healthcare data secure, but only 59% trust the government and 42% trust health technology companies.

Almost all (95%) of people who were victims of a breach said the company holding their data had taken some type of action.
“The time to assure consumers that their personal data is in secure, capable hands is now,” said Chapple. “When a breach occurs, healthcare payers and providers should be able to swiftly notify those affected, with a plan of action on how to remedy the situation and prevent it from happening again.”

Read more on Database software