HHS Reports Data Breaches of Protected Health Information in 2009-2010 to Congress

The U.S. Department of Health and Human Services' report (pdf) to Congress on health data breaches shows that 207 breaches involving 500 or more individuals were reported in 2010.

The report was submitted by HHS' Office for Civil Rights and is titled "Annual Report to Congress on Breaches of Unsecured Protected Health Information For Calendar Years 2009 and 2010." The document fulfills the HITECH Act's requirement that HHS provide to Congress an annual report on the number and nature of breaches that were reported to HHS by HIPAA-covered entities.

In 2010, the first full calendar year of reporting, the covered entities notified approximately 5.4 million individuals who were affected by breaches involving 500 or more people.

The five main causes of these large data breaches in 2010 were, in order of frequency, theft; loss of electronic media or paper records containing protected health information; unauthorized access to, use or disclosure of PHI; human error; and improper disposal.

Data breaches reported between Sept.-Dec. 2009 identified the same first four causes as in 2010 but did not include improper disposal. In the three months of 2009 and in 2010, theft was the most common cause of large data breaches.  

Related Articles on Data Breaches:

5 Security Features Every Health Tablet Should Have
Medical Industry's Reported Data Loss Incidents Increased 115% From 2009-2010

28 Health Data Breaches in the Past 6 Months

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


Featured Whitepapers

Featured Webinars