Where and How Breaches Occur
Between 2010 and 2013, there were more than 900 data breaches of protected health information affecting at least 500 individuals, with most of them resulting from overt criminal activity, according to a study in the Journal of the American Medical Association (JAMA).
Vincent Liu, M.D., M.S., of the Kaiser Permanente Division of Research, Oakland, Calif., and colleagues evaluated a database maintained by the U.S. Department of Health and Human Services of breaches reported by health plans and clinicians covered under the Health Insurance Portability and Accountability Act. Some of their findings:
- Six of the breaches involved more than 1 million records each and the number of reported breaches increased over time (from 214 in 2010 to 265 in 2013). More than 29 million records were affected by the breaches included in the study.
- Breaches affecting 500 individuals or more accounted for 82 percent of reports.
- Breaches were reported in every state, D.C. and Puerto Rico. Five states (California, Texas, Florida, New York, and Illinois) had 34 percent of breaches.
- Most breaches occurred via electronic media (67 percent), frequently involving laptop computers or portable electronic devices (33 percent). Most breaches also occurred via theft (58 percent).
- The combined frequency of breaches resulting from hacking and unauthorized access or disclosure increased during the study period (12 percent in 2010 to 27 percent in 2013).
- Breaches involved external vendors in 29 percent of reports.
Popular Today
- Florida Regulators Demand Data From Weiss Ratings After Recent Reports on Insurers
- Insurer, Contractors Allege Staged Injury Claims Scheme Under New York Scaffold Law
- Clergy Abuse Victim Whose Parents Kicked Him Out Will Use Settlement to Help Others
- Blacks and Hispanics Pay More for Auto Insurance. Study Tries to Answer Why.