Data (In)Security
Healthcare data breaches have become a major threat to patient privacy and data security. According to the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) breach portal, there have been over 3,800 healthcare data breaches reported since 2009, with the majority of these incidents involving electronic protected health information (Civil Rights (2023)).
Cyber Attack Incidents in North Carolina
North Carolina is one of the many states that have been affected by the rise in healthcare hacking incidents in recent years. These incidents have raised concerns about patient privacy and data security, and healthcare providers in North Carolina have been taking steps to combat these threats.
Still, the cyber war continues, with some significant wins for hackers in recent years.
Two of the most significant hacking incidents in North Carolina occurred in 2018 and 2019, involving Atrium Health and LabCorp, respectively. In the case of Atrium, a vendor (AccuDoc Solutions) reported that the personal and medical information of more than 2.65 million patients was potentially compromised (Wallace (2018)). The following year, LabCorp announced a data breach that affected 7.7 million customers (Siegel (2019)). Data from the OCR Breach Portal (Figure 1) shows the marked increase over previous years for these two incidents.
In both cases, systems and data were compromised through a third-party billing collections vendor.
A Concerning Trend
The threat to IT and patient data security is constantly evolving, and healthcare organizations remain vigilant in protecting patient data. However, the struggle between attacker and defender shows no signs of slowing down. Over the past 12 years, the number of data breaches has continued to increase (Figure 2). Hacking incidents specifically are on the rise (compared to theft, loss or other unauthorized access).
Most recently, 2022 spiked again, with over 2M patients affected. Two major hospital systems were breached, WakeMed and Novant Health (see below), leading to 1.8M patient records being compromised.
While it’s not always clear to what degree protected health information (PHI) has been compromised, the trend is worrying. North Carolina’s population itself is just over 10M (though these data are tied to the location of hospitals/organizations, not patient residency).
It’ll be interesting to see how this trend continues, and more importantly, what this may mean for patient data safety and security.
R Code
# packages used by both plots
library(dplyr)
library(tidyr)
library(lubridate)
library(ggplot2)
library(gghighlight)
library(ggbreak)
library(scales)
library(hrbrthemes)

# `breach` is assumed to be already loaded as a data frame (its loading step is not shown)

# patients affected per year in North Carolina
nc_pts_breach <- breach |>
  filter(state == "NC") |>
  # change to date format
  mutate(breach_date = mdy(breach_submission_date)) |>
  # add col for year breached
  mutate(breach_year = year(breach_date)) |>
  group_by(breach_year) |>
  summarise(patients = sum(individuals_affected))

# drop incomplete 2023 data
nc_pts_breach <- nc_pts_breach[nc_pts_breach$breach_year != 2023, ]

# avoid scientific notation in axis labels
options(scipen = 999)

# create barchart
pts_plot <- ggplot(nc_pts_breach, aes(x = breach_year, y = patients)) +
  geom_col(aes(fill = patients)) +
  scale_color_ipsum() +
  # highlight only 2018, 2019
  gghighlight(breach_year %in% c(2018, 2019)) +
  scale_x_continuous(limits = c(2010, 2022.5), breaks = seq(2010, 2022, 2)) +
  # change scale to millions
  scale_y_continuous(labels = label_number(suffix = " M", scale = 1e-6)) +
  # add break in y-axis 3M to 9M
  scale_y_break(c(3000000, 9000000)) +
  labs(
    title = "Major Healthcare Hacks in North Carolina",
    subtitle = "Patients Affected Annually",
    x = "Year",
    y = "Patients",
    caption = "Source | HHS OCR"
  ) +
  theme_ipsum_rc() +
  guides(y = "none") +
  theme(
    # clean up plot, remove legend
    panel.grid.minor = element_blank(),
    panel.grid.major.x = element_blank(),
    legend.position = "none"
  )

# save to png file
ggsave("images/nc_hacks.png", plot = pts_plot, width = 6.5, height = 4, bg = "white")

# number of breaches per year by type in North Carolina
nc_breach <- breach |>
  filter(state == "NC") |>
  # change to date format
  mutate(breach_date = mdy(breach_submission_date)) |>
  # add col for year breached
  mutate(year = year(breach_date)) |>
  # count breaches
  count(year, type_of_breach, sort = TRUE) |>
  # split comma-separated breach types into one row per type
  separate_rows(type_of_breach, sep = ", ")

# drop incomplete 2023 data
nc_breach <- nc_breach[nc_breach$year != 2023, ]

# create barchart
trend_plot <- ggplot(nc_breach, aes(x = year, y = n)) +
  geom_col(aes(fill = type_of_breach)) +
  # highlight data type
  gghighlight(type_of_breach == "Hacking/IT Incident", keep_scales = TRUE) +
  scale_x_continuous(limits = c(2010, 2023), breaks = seq(2010, 2022, 2)) +
  labs(
    title = "The Rise of Hacking Healthcare",
    subtitle = "Data Breaches in North Carolina",
    x = "Year",
    y = "# Breaches",
    fill = "Type of Breach",
    caption = "Source | HHS OCR"
  ) +
  theme_ipsum_rc() +
  # clean up plot
  theme(
    panel.grid.major.x = element_blank(),
    panel.grid.minor = element_blank(),
    legend.position = "none",
    panel.grid = element_blank(),
    panel.border = element_blank(),
    plot.margin = grid::unit(c(4, 2.5, 5, 5), "mm")
  ) +
  # add annotation
  annotate(geom = "curve", x = 2019, y = 25, xend = 2021.4, yend = 16,
           curvature = .2, arrow = arrow(length = unit(2, "mm"))) +
  annotate(geom = "text", x = 2017, y = 27, label = "Hacking/IT Incidents", hjust = "left")

# save to png file
ggsave("images/patients_affected.png", plot = trend_plot, width = 6.5, height = 4, bg = "white")
References
Civil Rights, Office for. 2023. “Department of Health and Human Services Office for Civil Rights Breach Portal.” U.S. Department of Health & Human Services - Office for Civil Rights. Department of Health and Human Services. https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf.
Siegel, Rachel. 2019. “LabCorp Discloses Data Breach Affecting 7.7 Million Customers.” The Washington Post. WP Company. https://www.washingtonpost.com/business/2019/06/05/labcorp-discloses-data-breach-affecting-million-customers/.
Wallace, Jim. 2018. “Cyber Incident Special Announcement.” Cyber Incident Special Announcement. Atrium Health. https://atriumhealth.org/about-us/newsroom/security/special-announcement.