Reported health data breaches in the U.S. increased by 97% from 2010 to 2011, according to a report
by IT security assessment firm Redspin, Healthcare IT News
The annual report -- titled, "Breach Report 2011, Protected Health Information" -- takes a look at 385 reported breaches that have occurred since August 2009, when the federal HITECH Act's breach notification regulations took effect. The breaches occurred in all 50 states and affected more than 19 million individuals.
Of the reported breaches analyzed, 60% resulted from malicious attacks such as hacking, insider incidents and theft. Researchers noted that personal health data can be valuable on the black market and can be used to commit Medicare fraud.
Possible Contributing Factors
Researchers said that the recent increase in reported health data breaches could be a result of the growing concentration of protected health data stored on unencrypted laptops and other portable devices.
In addition, they noted that many health care organizations have little oversight over the information that is disclosed to their business associates.
Daniel Berger, Redspin's president and CEO, expressed concern about the recent uptick in reported health data breaches. He said, "Without further protective measures, data breaches will continue to increase and could derail the implementation, adoption and usage of electronic health records" (Manos, Healthcare IT News, 2/1).