There were 29 protected health information breaches in June, including a total of more than 11 million patient records, a number significantly higher than any other month this year, according to a report from Protenus and DataBreaches.net.
The 11 million compromised records represent 23 of the 29 breaches for which data was made available, and the majority can be attributed to just a single incident, in which a hacker under the username thedarkoverlord listed millions of stolen patient records for sale online. For comparison, in May 2016, there were just under 700,000 records compromised, according to the report.
"41.4 percent of reported [June 2016] breach incidents involved hacking, 41.4 percent involved insider wrongdoing/error and 17.2 percent involved theft/loss of devices or paper records," the report reads. "Interestingly, in the 23 incidents for which information is available, nine involved business associates or vendors — with six stemming from the same BA. The number of business associates with access to patient records via EHR systems increasingly creates new security complexities for health systems to manage."
Eighty-six percent of the compromised data came from healthcare providers, while 11 percent were from health plans and 4 percent, due to stolen records, were from the Washington Redskins NFL team.