Of the 619 data breaches recorded by the Identity Theft Resource Center (ITRC) in 2013, 43 percent (267 breaches) occurred in the healthcare sector.
For the first time since 2005, when IRTC first began tracking data breaches, the healthcare sector had more breaches than the business sector (210). IRTC reported that with more and more breaches being reported to the Department of Health and Human Services (HHS), the number of breaches in healthcare comes as no surprise to them.
Additionally, due to the mandatory reporting requirement for healthcare industry breaches affecting 500 or more individuals, 84 percent of these healthcare breaches publicly stated the number of records exposed.
“This is significant because it demonstrates that regulations in this area have a powerful impact,” Eva Velasquez, ITRC president and CEO, said in a statement. “When you compare the number of reported data breach incidents in other industry sectors that do not report the raw number of records affected, to those in the medical field, you see a much smaller percentage. Public awareness of the full number of records impacted allows us a more accurate understanding of the scope of the problem.”
This report comes soon after a report that found, in 2013, the number of protected health information (PHI) breaches were up 138 percent from 2012, with 199 incidents of breaches of PHI reported to HHS, impacting over 7 million patient records.