By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Health Works CollectiveHealth Works CollectiveHealth Works Collective
  • Health
    • Mental Health
    Health
    Healthcare organizations are operating on slimmer profit margins than ever. One report in August showed that they are even lower than the beginning of the…
    Show More
    Top News
    learn to recognize and treat yeast infections
    Most Commonly Asked Questions About Yeast Infections
    November 17, 2021
    Advanced lung cancer diagnosis systems used by doctors
    Advanced Lung Cancer Diagnosis Systems Used by Doctors
    March 6, 2022
    The Top Benefits of a Wearable Blood Pressure Monitor Watch
    The Top Benefits of a Wearable Blood Pressure Monitor Watch
    June 13, 2022
    Latest News
    Beyond Nutrition: Everyday Foods That Support Whole-Body Health
    June 15, 2025
    The Wide-Ranging Benefits of Magnesium Supplements
    June 11, 2025
    The Best Home Remedies for Migraines
    June 5, 2025
    The Hidden Impact Of Stress On Your Body’s Alignment And Balance
    May 22, 2025
  • Policy and Law
    • Global Healthcare
    • Medical Ethics
    Policy and Law
    Get the latest updates about Insurance policies and Laws in the Healthcare industry for different geographical locations.
    Show More
    Top News
    drug discount cards
    Drug Discount Cards: Lifting the Veil of Secrecy
    August 28, 2013
    Ingredients of an Effective Antibiotic Stewardship Program: Be Sure to Add Health IT and Medical Device Innovation
    June 15, 2012
    alzheimer's gene
    Infants with Alzheimer’s Gene Already Show Brain Development Differences
    November 30, 2013
    Latest News
    Let Your Lawyer Handle the Work Before You Pay Medical Costs
    July 6, 2025
    Top HIPAA-Compliant Messaging Apps for Healthcare Teams
    June 25, 2025
    When Healthcare Ends, the Legal Process Begins: What Families Should Know About Probate and Medical Estates
    June 20, 2025
    Preventing Contamination In Healthcare Facilities Starts With Hygiene
    June 15, 2025
  • Medical Innovations
  • News
  • Wellness
  • Tech
Search
© 2023 HealthWorks Collective. All Rights Reserved.
Reading: Healthcare’s Dirty Secret – 15 Million Patient’s Private Information Exposed Since 2009
Share
Notification Show More
Font ResizerAa
Health Works CollectiveHealth Works Collective
Font ResizerAa
Search
Follow US
  • About
  • Contact
  • Privacy
© 2023 HealthWorks Collective. All Rights Reserved.
Health Works Collective > eHealth > Medical Records > Healthcare’s Dirty Secret – 15 Million Patient’s Private Information Exposed Since 2009
Medical Records

Healthcare’s Dirty Secret – 15 Million Patient’s Private Information Exposed Since 2009

Jonathan Govette
Jonathan Govette
Share
5 Min Read
HIPAA Breaches since 2009 - Indviduals Affected
SHARE

 

Contents
Avoidable HIPAA Breaches How to Protect PHI (Patient Health Information)Proper Software PermissionsSmall to Medium Practices Do Not Have Required IT SkillsThe graph below depicts the number of patients affected by HIPAA violations:The graph below depicts the number of breaches reported per month since September 2009.How do you protect your organization?

 

Due to the overwhelmingly positive response to an earlier blog post entitled “Paper Records More Susceptible to Breach than Any Other Medium – are you next?”, I decided to dig deeper into the data provided by the U.S. Department of Health & Human Services.

The organization provides a data of breaches affecting 500 or more individuals. While a breach that impacts 1 patient is important to rectify, the department chose 500 to be of material consequence. There were 435 breaches recorded and observed by the HHS Office for Civil Rights.

More Read

global network (2)
Time for a patient-driven health information economy? – A response
EHRs And The Law: When Interoperability Isn’t a Choice
Kaiser Permanente Medical Center Allows Patients to View Charts and Info in Real Time
Patients Going Mobile: The Consumerization of Radiology
Electronic Medical Records: Should the SEC Track the Brokerage Accounts of Hospital Clerks?

Avoidable HIPAA Breaches

It is interesting to note that the breaches that occur are avoidable. The table below examines that type of breaches that occurred in the dataset.  While there are different mediums containing Patient Health Information (PHI), when stored locally either physically or digitally they are vulnerable to intruders.

Breach TypeBreach Count
Theft238
Unauthorized Access93
Improper Disposal75
Hacking Incident26
Loss3

 

 How to Protect PHI (Patient Health Information)

When examining breach types it is important to identify differences and how to protect PHI. Theft can occur physically or digitally. It is difficult to protect physical records and require secure location and incur storage costs. Storing physical patient files does not capture a history of access.

This leads to Unauthorized Access, including employee access or mishandling of PHI. Using a digital repository for PHI allows organization administrators to identify any misuse of patient data and curb potential HIPAA breaches before they become material IF proper protocols are put in place.

Proper Software Permissions

Some Electronic Medical Record (EMR) applications and services such as referralMD allow for proper administration of PHI and employee access. All IT equipment has an end of useful life and requires proper disposal. Once this occurs the equipment can be salvaged (sold to a third party) to recover some IT investment costs.

There is nothing wrong with the practice if sensitive data is removed (with a Department of Defense wipe) or data storing hardware such as hard drives, CD/DVD’s and tape backups are destroyed. Hacking can occur both internally and externally over network resources.

Small to Medium Practices Do Not Have Required IT Skills

Organization networks can be protected with firewalls from external intruders; however PHI is still vulnerable to internal malice. Most medium and small medical organizations do not deploy proper staff to monitor network traffic continuously. Cloud services can provide a layer of protection that have the staff to monitor network traffic and enforce network security on a wide scale.

Of the 435 breaches,  116 were paper based breaches, 109 involved stolen laptops, 62 Desktop computers, 40 Networks, 70 portable devices (including portable hard drives, CD/DVD’s and tape backups). Download the  full report of breaches here.  Almost 15 million patients were affected by breaches by the top 10 entities with the most breaches. Unfortunately most of the incidents were avoidable and due to stolen or lost physical media

The graph below depicts the number of patients affected by HIPAA violations:

HIPAA Breaches since 2009 - Indviduals Affected

The graph below depicts the number of breaches reported per month since September 2009.

Number of Breaches Reported Since Sept. 2009

While the graph that depicts the number of breaches shows downward slope, this is misleading. Breaches that have occurred in recent months may not have been identified and/or have not been reported. OCR complaints may be filed 180 days from the date of the act or occurrence(s).

Organizations can protect themselves by adhering to HIPAA regulations and use tools such as referralMD to remain in compliance or to minimize the impact of a violation. Data from the HHS has been included in this blog post.

How do you protect your organization?

Share your thoughts below about what you do to protect your patients.

TAGGED:security breach
Share This Article
Facebook Copy Link Print
Share

Stay Connected

1.5kFollowersLike
4.5kFollowersFollow
2.8kFollowersPin
136kSubscribersSubscribe

Latest News

9 Lifestyle Tweaks That Can Add Years to Your Life
9 Healthcare Lifestyle Tweaks That can Add Years to Your Life
lifestyle
July 11, 2025
car accident lawsuit
Let Your Lawyer Handle the Work Before You Pay Medical Costs
Policy & Law
July 6, 2025
women dental care
What Is a Smile Makeover and How Much Does It Cost?
Dental health
June 30, 2025
HIPAA-Compliant Messaging Apps
Top HIPAA-Compliant Messaging Apps for Healthcare Teams
Global Healthcare Policy & Law Technology
June 25, 2025

You Might also Like

Health Records for Your Kids Now in the Palm of Your Hand

August 16, 2012
Image
BusinesseHealthHospital AdministrationMedical DevicesMedical InnovationsMedical RecordsTechnology

5 Tips for Managing Technology in Healthcare

July 13, 2015

HIPAA: Liability to Private Parties for Violations

November 18, 2014
Team of doctors having a meeting
BusinessHealth ReformHospital AdministrationMedical RecordsMobile Health

How do we achieve coordinated health care?

February 12, 2016
Subscribe
Subscribe to our newsletter to get our newest articles instantly!
Follow US
© 2008-2025 HealthWorks Collective. All Rights Reserved.
  • About
  • Contact
  • Privacy
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?