Healthcare Data Breaches Escalate in 2011

Feb. 1, 2012
Redspin, Inc., a Carpinteria, Calif.-based provider of IT security assessments, has released a report on security breaches in healthcare. The report, titled, “Breach Report 2011, Protected Health Information,” examines a total of 385 incidents affecting over 19 million individuals since the American Recovery and Reinvestment Act/Health Information Technology for Economic and Clinical Health Act's (ARRA-HITECH) breach notification rule went into effect in Aug. 2009. The researchers from Redspin concludes the total number of breaches increased 97 percent from 2010 to 2011.

Redspin, Inc., a Carpinteria, Calif.-based provider of IT security assessments, has released a report on security breaches in healthcare.  The report, titled, “Breach Report 2011, Protected Health Information,” examines a total of 385 incidents affecting over 19 million individuals since the American Recovery and Reinvestment Act/Health Information Technology for Economic and Clinical Health Act's (ARRA-HITECH) breach notification rule went into effect in Aug. 2009. The researchers from Redspin concludes the total number of breaches increased 97 percent from 2010 to 2011.

Redspin cites the increasing concentration of protected healthcare information (PHI) on unencrypted portable devices (laptops, media) and the lack of sufficient oversight of PHI disclosed to hospital "business associates" as the main reasons for the increase. Malicious attacks (theft, hacking, and insider incidents) continue to cause 60 percent of all breaches due to the economic value of a personal health record sold on the black market and for medical ID theft used to commit Medicare fraud.

Over the past year, data breaches caused by an employee losing an unencrypted device were up 525 percent. In the report, Redspin says the federal government should make the sensible decision to require all portable devices that store [electronic personal health information] be encrypted. Daniel W. Berger, Redspin’s CEO and president, said in a statement that the problem won’t go away.

"Without further protective measures, data breaches will continue to increase and could derail the implementation, adoption and usage of electronic health records,” he said.

Sponsored Recommendations

How Digital Co-Pilots for patients help navigate care journeys to lower costs, increase profits, and improve patient outcomes

Discover how digital care journey platforms act as 'co-pilots' for patients, improving outcomes and reducing costs, while boosting profitability and patient satisfaction in this...

5 Strategies to Enhance Population Health with the ACG System

Explore five key ACG System features designed to amplify your population health program. Learn how to apply insights for targeted, effective care, improve overall health outcomes...

A 4-step plan for denial prevention

Denial prevention is a top priority in today’s revenue cycle. It’s also one area where most organizations fall behind. The good news? The technology and tactics to prevent denials...

Healthcare Industry Predictions 2024 and Beyond

The next five years are all about mastering generative AI — is the healthcare industry ready?