• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Skip to secondary sidebar
  • Skip to footer

  • Opinion
  • Health IT
    • Behavioral Health
    • Care Coordination
    • EMR/EHR
    • Interoperability
    • Patient Engagement
    • Population Health Management
    • Revenue Cycle Management
    • Social Determinants of Health
  • Digital Health
    • AI
    • Blockchain
    • Precision Medicine
    • Telehealth
    • Wearables
  • Life Sciences
  • Investments
  • M&A
  • Value-based Care
    • Accountable Care (ACOs)
    • Medicare Advantage

Healthcare Organizations at Risk of Data Breach Due to Insecure File Sharing Practices

by Fred Pennic 07/24/2024 Leave a Comment

  • LinkedIn
  • Twitter
  • Facebook
  • Email
  • Print
Healthcare Organizations at Risk of Data Breach Due to Insecure File Sharing Practices

What You Should Know: 

– A new report by Metomic, a data security company, reveals concerning vulnerabilities in how healthcare organizations handle sensitive data. 

– The report, titled “Healthcare Data Crisis – Uncovering the Alarming Gaps in Data Security and Compliance,” highlights the prevalence of insecure file-sharing practices that put patient information at risk.

Key Findings:

  • Exposed PII: A staggering 25% of publicly shared files contain Personally Identifiable Information (PII) like names, addresses, and social security numbers.
  • Uncontrolled Access: Even private files often lack proper access controls.
    • 68% of private files shared externally (outside the organization) contain PII.
    • An even higher percentage (77%) of private files shared internally contain PII.
  • Stale Data Permissions: Many healthcare organizations fail to update or remove access permissions for private files. This means people retain access to sensitive data long after they need it, creating a significant security risk.

Consequences of Insecure Practices:

  • Data Breaches: The healthcare industry experiences a rising number of data breaches, with 2023 seeing a record number of exposed records (over 133 million).
  • Financial Impact: Ransomware attacks, like the one on Change Healthcare, can disrupt operations and incur substantial costs (UnitedHealth estimates $1.35-$1.6 billion).
  • Compliance Issues: Lax data security practices can lead to violations of HIPAA and GDPR regulations.

Beyond PII: Financial Data at Risk

The report also identified Payment Card Industry (PCI) data, such as credit card numbers, being stored in insecure files. While the percentage (1% of public files) may seem small, it represents a significant vulnerability for financial information.

Taking Action:

Healthcare organizations must prioritize data security to protect patient information and comply with regulations. Metomic’s report offers valuable insights and suggests best practices for data loss prevention (DLP) to mitigate risks.

“The healthcare industry is plagued by rampant data breaches that are costing organizations millions of dollars and putting highly sensitive patient data and financial information at risk. After digging into these findings, it’s clear that healthcare security leaders need more resources,  DLP solutions, and data security tools to overcome the vast number of data security challenges they face day-to-day,” said Rich Vibert, co-founder and CEO, Metomic. “Healthcare organizations need data security and DLP platforms that not only help protect highly sensitive information, but also provide tools to ensure employees are not inadvertently sharing data or giving access to files that put the organization at risk. Metomic is designed for this exact need—we enable security teams to see where sensitive data is being stored and shared, and who has access to it. These data security tools are a must-have for today’s healthcare providers. It’s the only way to stop a data leak before it turns into a massive problem that could potentially put a healthcare organization out of business.” 

  • LinkedIn
  • Twitter
  • Facebook
  • Email
  • Print

Tagged With: Cybersecurity

Tap Native

Get in-depth healthcare technology analysis and commentary delivered straight to your email weekly

Reader Interactions

Primary Sidebar

Subscribe to HIT Consultant

Latest insightful articles delivered straight to your inbox weekly.

Submit a Tip or Pitch

Featured Insights

Digital Health Funding Q3 2025: Choppy Undercurrents Beneath a Steady Surface

Featured Interview

ConcertAI VP Shares View on AI Hallucinations and the Fabricated Data Crisis in Scientific Publishing

Most-Read

Cleveland Clinic and Khosla Ventures Form Strategic Alliance to Accelerate Healthcare Innovation

Cleveland Clinic and Khosla Ventures Form Strategic Alliance to Accelerate Healthcare Innovation

Northwell Health Selects to Deploy Abridge’s Ambient AI Across 28 Hospitals

Northwell Health to Deploy Abridge’s Ambient AI Across 28 Hospitals

Omada Health Launches "Nutritional Intelligence" with AI Agent OmadaSpark

Omada Health Launches AI-Powered Meal Map to Transform Nutrition for Cardiometabolic Patients

From Overwhelmed to Optimized: How AI Agents Address Staffing Challenges and Burnout in Healthcare

From Overwhelmed to Optimized: How AI Agents Address Staffing Challenges and Burnout in Healthcare

Qualtrics Acquires Press Ganey Forsta for $6.75B to Create the Most Comprehensive AI Experience Platform

Qualtrics Acquires Press Ganey Forsta for $6.75B to Create the Most Comprehensive AI Experience Platform

Pfizer and Trump Administration Announce Landmark Agreement to Lower Drug Costs

Pfizer and Trump Administration Announce Landmark Agreement to Lower Drug Costs

KLAS Report: Epic's Native Ambient Speech Tool Reshapes Customer AI Strategies

KLAS Report: Epic’s Native Ambient Speech Tool Reshapes Customer AI Strategies

Epic Unveils MyChart Central and New APIs to Advance Interoperability at Open@Epic

Epic Outlines Roadmap for Next-Generation Data Sharing at Open@Epic

Epic Launches Comet: A New AI Platform to Predict Patient Health Journeys

Epic Launches Comet: A New AI Platform to Predict Patient Health Journeys

RevSpring to Acquire Kyruus Health, Creating a Unified Patient Experience

RevSpring to Acquire Kyruus Health, Creating a Unified Patient Experience

Secondary Sidebar

Footer

Company

  • About Us
  • Advertise with Us
  • Reprints and Permissions
  • Op-Ed Submission Guidelines
  • Contact
  • Subscribe

Editorial Coverage

  • Opinion
  • Health IT
    • Care Coordination
    • EMR/EHR
    • Interoperability
    • Population Health Management
    • Revenue Cycle Management
  • Digital Health
    • Artificial Intelligence
    • Blockchain Tech
    • Precision Medicine
    • Telehealth
    • Wearables
  • Startups
  • Value-Based Care
    • Accountable Care
    • Medicare Advantage

Connect

Subscribe to HIT Consultant Media

Latest insightful articles delivered straight to your inbox weekly

Copyright © 2025. HIT Consultant Media. All Rights Reserved. Privacy Policy |