Healthcare Data Breaches Escalate in 2011 | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Healthcare Data Breaches Escalate in 2011

February 1, 2012
by Gabriel Perna
| Reprints

Redspin, Inc., a Carpinteria, Calif.-based provider of IT security assessments, has released a report on security breaches in healthcare.  The report, titled, “Breach Report 2011, Protected Health Information,” examines a total of 385 incidents affecting over 19 million individuals since the American Recovery and Reinvestment Act/Health Information Technology for Economic and Clinical Health Act's (ARRA-HITECH) breach notification rule went into effect in Aug. 2009. The researchers from Redspin concludes the total number of breaches increased 97 percent from 2010 to 2011.

Redspin cites the increasing concentration of protected healthcare information (PHI) on unencrypted portable devices (laptops, media) and the lack of sufficient oversight of PHI disclosed to hospital "business associates" as the main reasons for the increase. Malicious attacks (theft, hacking, and insider incidents) continue to cause 60 percent of all breaches due to the economic value of a personal health record sold on the black market and for medical ID theft used to commit Medicare fraud.

Over the past year, data breaches caused by an employee losing an unencrypted device were up 525 percent. In the report, Redspin says the federal government should make the sensible decision to require all portable devices that store [electronic personal health information] be encrypted. Daniel W. Berger, Redspin’s CEO and president, said in a statement that the problem won’t go away.

"Without further protective measures, data breaches will continue to increase and could derail the implementation, adoption and usage of electronic health records,” he said.


Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More



Epic Wins Labor Dispute in Closely Divided Supreme Court Decision

Epic Systems Corporation won a major labor-law ruling in the Supreme Court on Monday, centering around the extent of corporations’ right to force employees to sign arbitration agreements, and with a 5-4 ruling in its favor

Survey: Two-Thirds of Physician Practices Seeking Out Value-Based Care Consulting Firms

Most physician organizations are not prepared for the move to value-based care, and 95 percent CIOs of group practices and large clinics state they do not have the information technology or staff in-house needed to transform value-based care end-to-end, according to a recent Black Book Market Research.

Cumberland Consulting Buys LinkEHR, Provider of Epic Help Desk Services

Cumberland Consulting Group, a healthcare consulting and services firm, has acquired LinkEHR, which provides remote application support, including Epic help desk services.

Population Health Tool that Provides City-Level Data Expands to 500 Cities

A data visualization tool that helps city officials understand the health status of their population, called the City Health Dashboard, has now expanded to 500 of the largest cities in the U.S., enabling local leaders to identify and take action around the most pressing health needs in their cities and communities.

Trump will Nominate Acting VA Secretary Wilkie for Permanent Position

Just a day after the Department of Veterans Affairs (VA) and Cerner inked their $10 billion EHR (electronic health record) deal, President Trump said he would be nominating Acting VA Secretary Robert Wilkie for the permanent position.

ONC Names API Server Showdown Stage 2 Winner

The Office of the National Coordinator for Health Information Technology (ONC) has named 1UpHealth as the Stage 2 winner of the “Secure API Server Showdown” challenge.