• Revenue Cycle Management
  • COVID-19
  • Reimbursement
  • Diabetes Awareness Month
  • Risk Management
  • Patient Retention
  • Staffing
  • Medical Economics® 100th Anniversary
  • Coding and documentation
  • Business of Endocrinology
  • Telehealth
  • Physicians Financial News
  • Cybersecurity
  • Cardiovascular Clinical Consult
  • Locum Tenens, brought to you by LocumLife®
  • Weight Management
  • Business of Women's Health
  • Practice Efficiency
  • Finance and Wealth
  • EHRs
  • Remote Patient Monitoring
  • Sponsored Webinars
  • Medical Technology
  • Billing and collections
  • Acute Pain Management
  • Exclusive Content
  • Value-based Care
  • Business of Pediatrics
  • Concierge Medicine 2.0 by Castle Connolly Private Health Partners
  • Practice Growth
  • Concierge Medicine
  • Business of Cardiology
  • Implementing the Topcon Ocular Telehealth Platform
  • Malpractice
  • Influenza
  • Sexual Health
  • Chronic Conditions
  • Technology
  • Legal and Policy
  • Money
  • Opinion
  • Vaccines
  • Practice Management
  • Patient Relations
  • Careers

May healthcare data breaches: More than 2 million patients affected

Article

Read the latest data breach report from the U.S. Department of Health and Human Service’s Office for Civil Rights.

Nearly 2 million people had their healthcare records exposed by breaches from medical practices and other HIPAA-covered entities in May, according to the U.S. Department of Health and Human Service’s (HHS) Office for Civil Rights.

The majority of the records were the result of an unauthorized access to the server of a healthcare clearing house in Puerto Rico called Immediata Health Group Corp. More than 1.56 million patients were impacted by that breach.

Below is information on May’s other disclosed breaches.

• 34 of the 43 breaches occurred at healthcare providers.
• Besides the clearing house breach, the other largest breaches were 106,000 records at a surgical eyecare center in Indiana, 87,400 records at a health plan in Maryland, and 26,000 records at a family and internal medicine group in California.
• Most of the breaches were the result of unauthorized access or a hacking incident tied to email. Seven of the breaches were tied to electronic health records.

The 2009 HITECH Act requires HHS to post a list of breaches of unsecured protected health information affecting 500 or more individuals.

READ MORE: See April 2019's data breach report.

Related Videos