Nearly 5.6 million patient records were breached during 477 incidents documented in 2017, up from 450 incidents in 2016 that compromised 27 million patient records, according to a Protenus report.
The report, part of the "Protenus Breach Barometer" monthly series, analyzed healthcare breaches reported to HHS or disclosed to the media throughout the year.
Here are six things to know.
1. Nearly 176 incidents were the result of insider error or wrongdoing. Insider-error affected 785,281 patient records and insider-wrongdoing affected 893,978 records.
2. June had the greatest number of breaches disclosed (53) and March had the greatest number of patient records breached (1.4 million).
3. Though there were 58 more hacking incidents in 2017 (178) than in 2016 (120), there was a significant decrease in the number of records that those incidents affected. Hacking incidents accounted for 37 percent of all 2017 breaches, compromising 3.4 million records; compared to 2016, which saw 87 percent of breaches from hacking and compromised 23.7 million records.
"This can be attributed to the lack of the massive hacking incidents like those we reported in 2016," the report states.
4. The majority of entities reporting data breaches in 2017 were healthcare providers (79 percent), health plans (12 percent) and business associates or vendors (5 percent).
5. It took healthcare organizations an average of 308 days to discover a breach, but only 73 days to report a breach to HHS.
6. While California had the most reported incidents (57), three states did not have any reported breaches: Hawaii, Idaho and New Mexico.
Click here to download the full report.
More articles on cybersecurity:
Here is why Hancock Health decided to pay the SamSam attackers' $55k ransom
Microsoft to discontinue HealthVault Insights, the company's mHealth experiment
Healthy individuals more likely to use sleep-tracking apps, study suggests