Executive Summary

The Verizon 2016 Data Breach Investigations Report (DBIR) indicates that 63% of confirmed data breaches stem from weak, default or stolen passwords – clearly pointing to compromised email accounts and errors as a high-level corporate challenge. The most frustrating aspect of this challenge historically has been that there’s no way to quantify many of these email-based PHI security exposures until it’s too late. To add greater visibility to this issue, Evolve IP partnered with ID Agent on a research project to quantify the healthcare related vulnerabilities in the Dark Web.  The eye-opening results indicate that more than 68% of healthcare covered entities and business associates have compromised email accounts that threaten PHI security.

  • The potential for monetary loss is significant
  • Controlling human behavior is the underlying challenge
  • The need for data backups and disaster recovery is clear