A total of 225 breaches of patient health information have occurred since the interim final rule on breach notifications was issued in Aug. 2009 as part of the HITECH Act, according to a report released by Redspin, a provider of penetration testing services and IT security audits.
Other findings from the report include the following:
• The 225 total breaches represent more than 6 million affected individuals.
• 43 states, Washington, D.C., and Puerto Rico, have experienced at least one data breach.
• Approximately 27,000 individuals are affected by one breach.
• 61 percent of breaches stem from malicious intent.
The final rule on breach notifications requires all breaches involving protected patient health information to be reported to the Department of Health & Human services. If the breach affects more than 500 patients, the responsible entity must report the breach to HHS no later than 60 days after the discovery of the breach. Breaches affecting less than 500 patients only need to be reported on an annual basis.
Read the report about data breaches (pdf).
- UIHC Fires Three Hospital Employees After Inappropriate Data Breach
- 5 Key Considerations for Hospital to Ensure Mobile Device Security
- Data Breach Insurance Emerges for Physician Practices
Other findings from the report include the following:
• The 225 total breaches represent more than 6 million affected individuals.
• 43 states, Washington, D.C., and Puerto Rico, have experienced at least one data breach.
• Approximately 27,000 individuals are affected by one breach.
• 61 percent of breaches stem from malicious intent.
The final rule on breach notifications requires all breaches involving protected patient health information to be reported to the Department of Health & Human services. If the breach affects more than 500 patients, the responsible entity must report the breach to HHS no later than 60 days after the discovery of the breach. Breaches affecting less than 500 patients only need to be reported on an annual basis.
Read the report about data breaches (pdf).
- UIHC Fires Three Hospital Employees After Inappropriate Data Breach
- 5 Key Considerations for Hospital to Ensure Mobile Device Security
- Data Breach Insurance Emerges for Physician Practices