Report: Number of Healthcare Records Breached Hit Four-Year Low in 2017 | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Report: Number of Healthcare Records Breached Hit Four-Year Low in 2017

March 1, 2018
by Rajiv Leventhal
| Reprints

In 2017, the number of individuals affected by breaches within the healthcare sector reached a four-year low, according to a new report from Campbell, Calif.-based security company Bitglass.

The report revealed that the majority of breaches were due to hacking and IT incidents (71 percent), and that percentage has continued to grow since 2014. The fourth annual Healthcare Breach Report aggregates data from the U.S. Department of Health and Human Services' (HHS) Wall of Shame—a database of breach disclosures that is required as part of the Health Insurance Portability and Accountability Act (HIPAA)—to identify the most common causes of data leakage.

Bitglass explored the changes in breach frequency as well as the preventive steps organizations have taken to limit the impact of each breach from 2014 to 2017. Among the key report findings:

  • The number of hacking and IT Incidents has increased, but organizations have done a better job mitigating damage, with 16,060 records compromised per breach on average in 2017.
  • The number of breached healthcare records decreased by 72 percent between 2015 and 2017 and by 95 percent since 2016 (excluding mega-breaches at Anthem and Premera).
  • The number of data breaches in 2017 dropped slightly to 294, down from 328 in 2016, indicating that healthcare remains a target for hackers, though many are shifting focus to other high-value targets.
  • From 2014 to 2017, healthcare organizations reduced the number of breach incidents attributed to lost and stolen devices by 63 percent.

A similar report in January from cybersecurity software company Protenus found that while there was a slight increase in the number of breaches (450 in 2016 compared to 477 in 2017), there was also a drastic decrease in the number of affected patient records—27.3 million records breached in 2016, over five times greater than the number of records affected in 2017.

"Mega-breaches like Anthem and Premera Blue Cross, along with device loss and theft, caused healthcare breaches to spike in 2015 and 2016," Mike Schuricht, vice president of product management at Bitglass, said in a statement. "Since then, organizations in the health sector have made great strides in mitigating threats to protected health information (PHI),  thus greatly reducing the total number of individuals affected by healthcare data breaches in 2017."

Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More



MGMA: Physician Compensation Data Illustrates Nationwide PCP Shortage

Primary care physicians’ compensation rose by more than 10 percent over the past five years, representing an increase which is nearly double that of specialty physicians’ compensation over the same period, according to the Medical Group Management Association (MGMA).

Circulation, Buoy Health Collaborate on Integrated Platform for Patient Transportation

Boston-based startup Circulation Health, a ride-ordering exchange that coordinates medical transportation logistics using Lyft and other transportation partners, is partnering with Buoy Health, also based in Boston, to integrate their platforms to provide patients with an end-to-end healthcare experience.

HITRUST Provides NIST Cybersecurity Framework Certification

The Health Information Trust Alliance (HITRUST), security and privacy standards development and accreditation organization, announced this week a certification program for the National Institute of Standards and Technology's (NIST) Cybersecurity Framework (Framework).

Report: Interoperability in NHS England Faces Similar Barriers as U.S. Healthcare

Electronic patient record interoperability in NHS England is benefiting patient care, but interoperability efforts are facing barriers, including limited data sharing and cumbersome processes falling outside of the clinician workflow, according to a KLAS Research report.

Geisinger National Precision Health Hires Illumina Exec to Lead Business Development

Integrated health system Geisinger has hired a high-profile genetic counselor to head up business development for Geisinger National Precision Health, which was created to extend the Geisinger model on the national scene.

$30M VC Fund Launched to Spur Innovation in Cardiovascular Care

The American Heart Association, together with Philips and UPMC, has announced the launch of Cardeation Capital, a $30 million collaborative venture capital fund designed to spur healthcare innovation in heart disease and stroke care.