Since January 2008, more than 110 healthcare organizations have reported the loss of sensitive PII, according to the Open Security Foundation, affecting in excess of 5.3 million individuals. More than 46 percent of these reported data-loss incidents were caused by theft (stolen laptops, computers or media/tapes). The remaining 24 percent were the result of loss or negligence by staff or third parties, 12 percent were caused by malicious insiders and 12 percent were caused by Web exposure.