Healthcare data breaches are on the rise, according to public data reported in a research letter and published in JAMA Network.
The authors, Thomas McCoy Jr., MD, an orthopedic surgeon, and Roy Perlis, MD, a professor of psychiatry, analyzed all breaches posted to HHS' Office for Civil Rights breach portal between Jan. 1, 2010, and Dec. 31, 2017 to determine trends over time.
Here are five study highlights:
1. The researchers identified 2,149 breaches comprising a total of 176.4 million records during the seven-year time frame.
2. Individual breaches ranged in size, from exposing as few as 500 records to as many as 78.8 million records. Organizations are only required to report breaches to OCR if at least 500 records are breached.
3. The number of breach reports increased each year, from 199 in 2010 to 344 in 2017, with the exception of 2015.
4. Healthcare providers reported 70 percent of breaches, but only 21 percent of compromised records. Thirteen percent of breaches involved health plans, which accounted for the largest share of breached records at 63 percent.
5. The most common breach sites shifted from laptop and paper or film records in 2010 to network server and email in 2017. This shift coincided with a transition from theft as the No. 1 breach type in 2010 to hacking and unauthorized access in 2017.
"As the type of data breached shifted toward electronic records and away from paper records, the nature of the breach likewise shifted toward electronic means, such as hacking," the authors concluded. "Although networked digital health records have the potential to improve clinical care and facilitate learning health systems, they also have the potential for harm to vast numbers of patients at once if data security is not improved."
The download the complete research letter, click here.