Healthcare Data Breaches Escalate in 2011

Feb. 1, 2012
Redspin, Inc., a Carpinteria, Calif.-based provider of IT security assessments, has released a report on security breaches in healthcare. The report, titled, “Breach Report 2011, Protected Health Information,” examines a total of 385 incidents affecting over 19 million individuals since the American Recovery and Reinvestment Act/Health Information Technology for Economic and Clinical Health Act's (ARRA-HITECH) breach notification rule went into effect in Aug. 2009. The researchers from Redspin concludes the total number of breaches increased 97 percent from 2010 to 2011.

Redspin, Inc., a Carpinteria, Calif.-based provider of IT security assessments, has released a report on security breaches in healthcare.  The report, titled, “Breach Report 2011, Protected Health Information,” examines a total of 385 incidents affecting over 19 million individuals since the American Recovery and Reinvestment Act/Health Information Technology for Economic and Clinical Health Act's (ARRA-HITECH) breach notification rule went into effect in Aug. 2009. The researchers from Redspin concludes the total number of breaches increased 97 percent from 2010 to 2011.

Redspin cites the increasing concentration of protected healthcare information (PHI) on unencrypted portable devices (laptops, media) and the lack of sufficient oversight of PHI disclosed to hospital "business associates" as the main reasons for the increase. Malicious attacks (theft, hacking, and insider incidents) continue to cause 60 percent of all breaches due to the economic value of a personal health record sold on the black market and for medical ID theft used to commit Medicare fraud.

Over the past year, data breaches caused by an employee losing an unencrypted device were up 525 percent. In the report, Redspin says the federal government should make the sensible decision to require all portable devices that store [electronic personal health information] be encrypted. Daniel W. Berger, Redspin’s CEO and president, said in a statement that the problem won’t go away.

"Without further protective measures, data breaches will continue to increase and could derail the implementation, adoption and usage of electronic health records,” he said.

Sponsored Recommendations

Trailblazing Technologies: Looking at the Top Technologies for the Emerging U.S. Healthcare System

Register for the first session of the Healthcare Innovation Spotlight Series today to learn more about 'Healthcare's New Promise: Generative AI', the latest technology that is...

Data: The Bedrock of Digital Engagement

Join us on March 21st to discover how data serves as the cornerstone of digital engagement in healthcare. Learn from Frederick Health's transformative journey and gain practical...

Northeast Georgia Health System: Scaling Digital Transformation in a Competitive Market

Find out how Northeast Georgia Health System (NGHS) enabled digital access to achieve new patient acquisition goals in Georgia's highly competitive healthcare market.

2023 Care Access Benchmark Report for Healthcare Organizations

To manage growing consumer expectations and shrinking staff resources, forward-thinking healthcare organizations have adopted digital strategies, but recent research shows that...