This past summer, the American Medical Association (AMA) conducted a survey of 1,000 patients located throughout the United States to gauge a representative perspective regarding medical information privacy. And the results were overwhelming.
Over 92% of respondents reported that privacy is a right and believed that corporations or other individuals should not be able to purchase health data.
Approximately 75% of those surveyed also expressed worries about protecting their health data privacy. The AMA then agreed and issued a statement regarding its concerns.
“The AMA is highly concerned that patients’ private medical information is increasingly vulnerable and digital patient data is being shared beyond the confines of the HIPAA framework without protections of federal privacy,” the association wrote.
According to a new study published in JAMA Health Forum on December 29, though, these fears regarding healthcare record privacy are much more widespread than just private data buying.
Researchers from the University of Minnesota in Minneapolis analyzed data from the Tracking Healthcare Ransomware Events and Traits database to quantify the characteristics and frequency of ransomware attacks on U.S. healthcare delivery organizations.
Between January 2016 and December 2021, they found that 374 ransomware attacks exposed the personal health information of nearly 42 million patients.
Over this time period, the annual frequency of attacks also more than doubled– growing from 43 in 2016 to 91 in 2021.
In nearly 45% of these ransomware attacks, the delivery of healthcare was disrupted due to a plethora of system failures, including scheduled care cancellations, electronic system downtime, and the diversion of ambulances.