Researchers have found that hackers who instigate healthcare data breaches are usually looking for personal data that can be used for fraud or identity theft. Only two percent of compromised medical data were sensitive material like diagnoses or medical images.

Jessica Davis filed this report for Health IT Security:

The researchers found that 194 breaches, or 66 percent, exposed sensitive demographic information like Social Security numbers, dates of birth, or driver’s license numbers, impacting 150 million patients.

Meanwhile, 71 percent of breaches affecting 159 million patients exposed demographic or financial information, which puts those patients at risk of fraud or identity theft. The data included billing amounts, payment data, service dates, and other related metrics.

Just 2 percent of the breaches analyzed by researchers exposed medical information, such as diagnoses. However, these impacted 2.4 million patients. And 65 percent compromised general clinical or medical information, which impacted 48 million patients. On the other hand, 16 percent of breaches impacting 6 million patients only compromised medical information, without demographic or financial data. Overall, all breaches contained at least one demographic detail.

The researchers noted that under current HHS reporting requirements, the focus remains on the number of patients impacted, rather than the type of information. As a result, it’s challenging to manage the risk posed in the aftermath of a breach.

Instead, policies should also draw focus onto the type of information breached in addition to the number of impacted individuals. The researchers recommended entities be required to provide standardized documentation as part of notification requirements to improve analysis and understanding of breach consequences.

The study upholds findings from a recent FireEye report that showed hackers are increasingly targeting providers for financial gain: “Actors buying and selling PII and PHI from healthcare institutions and providers in underground marketplaces is very common and will almost certainly remain so due to this data’s utility in a wide variety of malicious activity ranging from identity theft and financial fraud to crafting of bespoke phishing lures.”