Share this article on:
This month’s healthcare data breach report looks a lot healthier than May; a particularly bad month for data breaches, with over 1.1 million records exposed in 18 security incidents.
June could be considered a relatively good month for the healthcare industry in terms of records exposed, although more security incidents were reported in June than May, and numbers have not changed much year on year. 21 breaches were reported in June compared to 23 last year.
In total, 159,231 records were reported as being exposed during the month. In June 2014 the figure stood at 252,873, and in June 2013, only 46,713 records were compromised.
Quarterly Figures Show Little Has Changed Since 2014
Data breach figures for the second quarter of 2015 differ only by one incident from this time last year. Data breaches continue to be experienced at the same rate, in spite of improved protections being put in place by healthcare providers. It would appear it is only possible to maintain pace with malicious insiders and outsiders.
Figures for the quarter indicate 750,000 more data breach victims have been created in the first six months of 2015 than 2014, and almost 1,500,000 more than the same period in 2013.
High profile data breaches resulting in the theft of tens of millions of records give the impression that hackers pose the biggest threat to healthcare organizations. Hacker-related security incidents tend to create more victims, but they are not the most common cause of healthcare data breaches. An analysis of data breach reports for the quarter shows theft to be the leading cause of data breaches; being cited in 26 breach reports.
Unauthorized access and disclosure of PHI was the second leading cause. 22 data breaches were attributed to unauthorized access/disclosure, with last quarter seeing an increase in cases of employees snooping and disclosing records. Hacking was the third leading cause, accounting for 13 data breaches.
The number of security incidents may not have fallen year on year, but there is some good news. Business Associates are now getting to grips with HIPAA Rules and have caused substantially fewer data breaches this year. Only four BAs have caused or suffered data breaches so far in 2015, compared to 18 during the corresponding period in 2014, and 11 in 2013.
Last month’s data breaches have been summarized in the infographic below: