HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Healthcare Data Breach Report: August 2015

Healthcare Data Breach Report: August 2015


The number of healthcare data breaches reported to the Department of Health and Human Services’ Office for Civil Rights differs little from July; however the volume of records exposed fell dramatically month on month. In July, over 8,000,000 patient and health plan member records were exposed. August saw ‘only’ 215,556 records exposed.

Only one hacking incident was reported in August: The cyberattack on Pediatric Group LLC, which resulted in 10,000 records being exposed. This was a major improvement on last month, which saw 4 hacking incidents discovered. Those four data breaches included major data exposures at Medical Informatics Engineering and UCLA Health, which exposed 3.9 million and 4.5 million records respectively.

Main Cause of Data Breaches in August 2015 Was Lost/Stolen Devices

August saw eleven reports of lost and stolen PHI containing devices. Each data breach exposed relatively few medical records (Except the Empi Inc / DJO Global data breach that exposed 160,000 records), but all could have been easily prevented had data encryption been employed.

Unauthorized access and disclosure of patient health information continues to plague healthcare providers and health plans, with seven separate incidents reported to the OCR in August.

Get The Checklist

Free and Immediate Download
HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

While the data breach figures for August may be relatively low, the year to data figures are another matter entirely. 180 security incidents have been reported so far this year, and 102,750,523 patient and health plan member records have been exposed. That’s over 93 million more records than were exposed during the same period in 2014.

The August 2015 healthcare data breaches have been summarized in the infographic below:

Healthcare Data Breach Report Infographic (August 2015)




Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.