Skip to content Skip to navigation

Major Healthcare Data Breaches Have Affected More Than 30M Patients Since 2009

August 21, 2014
by Rajiv Leventhal
| Reprints

Since federal reporting requirements kicked in, the U.S. Department of Health and Human Services (HHS)' database of major breach reports have affected some 30.1 million patients spanning over 944 incidents, according to recent analysis in the Washington Post's "Wonkblog."

The blog, written by health policy reporter Jason Millman, comes soon after the Franklin, Tenn.-based Community Health Systems, Inc. acknowledged that the personal data of approximately 4.5 million patients was stolen by hackers from its computer network earlier this year.

A majority of those 30.1 million records are tied to theft (17.4 million people), followed by data loss (7.2 million people), hacking (3.6 million) and unauthorized access accounts (1.9 million people), according to a Washington Post analysis of HHS data. These numbers don't include the Community Health Systems data breach.

There are also many more incidents of smaller-scale breaches. In 2012, for example, HHS received 21,194 reports of smaller breaches affecting 165,135 people, according to the department's most recent report to Congress. Similar numbers were reported in 2011. In all, data breaches cost the industry $5.6 billion each year, estimates the Ponemon Institute, a security firm.

What’s more, recent analysis from legal firm Fox Rothschild LLP has found that the number of major data breaches reported has increased from 239 to 885 in less than a year.  The most common breach type is theft; 430 of the 885 list breaches reported the breach type to involve “theft” of all kinds, including laptops, other portable electronic devices, desktop computers, network servers, paper records and others, according to the law firm.



OSU Wexner Medical Center Receives AHIMA Grace Award

The Ohio State University Wexner Medical Center (OSUWMC) received the American Health Information Management Association (AHIMA) annual Grace Award in recognition of its leadership in health information management.

Kansas Health Information Network Expands its Network across State Lines

The Kansas Health Information Network (KHIN) has announced that it is expanding its horizons, and is now connected to Health Information Exchange Texas (HIETexas).

CMS Selects Vendor to Modernize Critical Identity Infrastructure

The Centers for Medicare & Medicaid Services (CMS) last week announced it had selected San Francisco-based vendor Okta to enhance the security of its information systems.

Mayo Clinic, ASU Partner for Medical Education, Healthcare Innovation

The Mayo Clinic and Arizona State University have announced a partnership centered on transforming medical education and healthcare in the U.S. through a variety of innovation efforts.

CMS Hospital Compare Website Updated with VA Data

The Centers for Medicare & Medicaid Services (CMS) has announced the inclusion of Veterans Administration (VA) hospital performance data as part of the federal agency’s Hospital Compare website.

CMS Awards Funding to Special Innovation Projects

The Centers for Medicare & Medicaid Services (CMS) has awarded 20, two-year Special Innovation Projects (SIPs) aimed at local efforts to deliver better care at lower cost.