HHS has released its latest data breach report to Congress, summarizing breaches of unsecured protected health information for 2011 and 2012.
Here are 10 key findings from HHS' report.
1. Between 2011 and 2012, HHS received 458 reports of data breaches affecting 500 or more individuals. In total, approximately 14.69 million individuals were affected by breaches during those two years.
2. The number of data breaches affecting more than 500 people in 2011 and 2012 accounts for 64.5 percent of all data breaches affecting more than 500 people since the required reporting began in September 2009.
3. Theft was the most common cause of reported data breaches, accounting for 53 percent of all breaches, followed by unauthorized access or disclosure at 18 percent.
4. The largest number of individuals affected by data breaches was also connected with breaches due to theft, at 36 percent of all affected.
5. In 2012, 68 percent of breaches affecting 500 individuals or more occurred at healthcare providers. Twenty-five percent occurred at healthcare business associates and 7 percent occurred at health plans.
6. The majority of compromised protected health information was stored on laptop computers (27 percent). Twenty-three percent was on paper, 13 percent was on a network server, 12 percent was on a desktop computer and 9 percent was on a portable electronic device.
7. In 2012, there were 21,194 reported breaches affecting fewer than 500 individuals. Such data breaches affected a total of 165,135 individuals.
8. Of data breaches affecting fewer than 500 individuals in 2012, 83 percent took place at a healthcare provider and 17 percent took place at a health plan.
9. Breaches involving 500 or more individuals in 2011 and 2012 contributed to 0.97 percent of reports, but accounted for 97.89 percent of affected individuals.
10. The Office of Civil Rights opened investigations into all the 458 reported breaches affecting 500 individuals or more. At time of publication of the report, HHS has entered agreements totaling more than $8 million in settlements.
More Articles on Data Breaches:
Get Ready For Increased HIPAA Fines
What is the Most Common Cause of Data Breaches?
8 Recent Data Breaches