Combat Internal Tech Breaches That Plague Health Care

By Andy Smith | AAPL
July 24, 2018

It’s the enemy within. More than half of all cyberthreats are self-inflicted, but there are areas physician leaders can target to slow the trend.

Of the 2,216 reported international cybersecurity incidents last year, nearly a quarter (536) were directed at health care organizations.1 Each health care organization spends an average of $12.47 million in cybercrime expenses annually.2   

What compounds the problem is that so many health care cyberthreats (56 percent) are self-inflicted — double the global average.1

Here are some areas physician leaders can target:

ACCURACY: 62 percent of health care’s security-related human error stems from email and faxes being sent to incorrect parties. Ensure transmissions are encrypted, then provide training for your staff.

RELATED: Cybersecurity: Are Physician Leaders Ready for Worst-Case Scenario?

ACCESS: Some employees will abuse access to systems and data. Monitor all access to internal health information, supported by training and enforced by corrective action.

DESKS: The office is the most frequent location (36 percent) for theft of assets such as laptops, mobile devices and documents. Encryption helps. So does locking your workspace.

AUTOS: Employee vehicles are the second-most frequent location (32 percent) for theft of those same assets. Don’t leave them in a vehicle.

RELATED: Three Takeaways for Physician Leaders Implementing Health IT Initiatives

SHREDDING: Establish — or follow through with — institutional protocols for physical destruction of all sensitive documents.

Andy Smith is a senior editor with the American Association for Physician Leadership.


  1. Verizon, 2018 Data Breach Investigations Report.
  2. Accenture and Ponemon Institute, 2017 Cost of Cyber Crime Study.

Topics: Technology Journal

Lessons for Building the Winning Workforce of Tomorrow
Research: Enhancing the Quality of Documentation

Popular Articles


About Physician Leadership News

Now more than ever, physicians are leaders in their organizations and communities.

The American Association for Physician Leadership maximizes and supports physician leadership through education, community, and influence. We promote thought leadership in health care through our Physician Leadership News website, bimonthly Physician Leadership Journal and other channels.

We focus on industry leadership issues such as patient care, finance, professional development, law, and technology. Association announcements and news of association events can be found.

Send us your feedback at

Journal Submission Guidelines

AAPL's award-winning print publication, the Physician Leadership Journal, welcomes originally authored manuscripts for peer review that meet competency, formatting and preparation criteria. To review these guidelines and other information regarding submissions, click here.