Report: Two-Thirds of all Breaches Resulted from Laptops, Portable Devices

June 24, 2011
Redspin, a Carpinteria, Calif.-based provider of HIPAA risk analysis and IT security assessment services, released an analysis of all protected

Redspin, a Carpinteria, Calif.-based provider of HIPAA risk analysis and IT security assessment services, released an analysis of all protected health information breaches publicly recorded between August 2009 and the end of 2010, as per the interim final breach notification of the HITECH Act. The findings were based on 225 security breaches affecting 6,067,751 individuals.

Redspin's analysis focuses on single breaches affecting more than 500 people. Such large scale breaches must be reported on a timely basis to individuals, the media and the HHS Secretary according to the HHS Office of Civil Rights' regulations. The regulations also require business associates of covered entities to notify the covered entity of such breaches at or by the business associate.

Selected findings from the report include:
• 43 states, D.C. and Puerto Rico have suffered at least one breach affecting over 500 individuals.
• ~27,000 individuals, on average, are affected by a breach.
• 78 percent of all records breached are the result of 10 incidents, five of which are the result of theft of common storage media e.g. desktop computers, network servers, and portable devices.
• 61 percent of breaches are a result of malicious intent.
• ~66,000 individuals, on average, are affected by a single breach of portable media.
• 40 percent of records breached involved business associates.


Sponsored Recommendations

How Digital Co-Pilots for patients help navigate care journeys to lower costs, increase profits, and improve patient outcomes

Discover how digital care journey platforms act as 'co-pilots' for patients, improving outcomes and reducing costs, while boosting profitability and patient satisfaction in this...

5 Strategies to Enhance Population Health with the ACG System

Explore five key ACG System features designed to amplify your population health program. Learn how to apply insights for targeted, effective care, improve overall health outcomes...

A 4-step plan for denial prevention

Denial prevention is a top priority in today’s revenue cycle. It’s also one area where most organizations fall behind. The good news? The technology and tactics to prevent denials...

Healthcare Industry Predictions 2024 and Beyond

The next five years are all about mastering generative AI — is the healthcare industry ready?