September healthcare breach report: More than 1.4 million records exposed

October 14, 2019

Three takeaways from the reported healthcare record breaches in September

Twenty-nine businesses and organizations covered by HIPAA reported breaches of protected health information in September, affecting more than 1.4 million patient records, according to the U.S. Department of Health and Human Service’s (HHS) Office for Civil Rights.Here’s a breakdown of the data:

1. Who was affected?

29 healthcare businesses affected, including:

· 22 healthcare providers

· 4 health plans

· 3 business associates

2. What was the cause of the breaches?

The 29 breaches were caused by:

· Hacking/IT incident (18 incidents)

· Unauthorized access/disclosure (9 incidents)

· Theft (2 incidents)

3. What were the largest breaches?

The largest breaches, in terms of records exposed, were:

1. Women's Care Florida, LLC, Florida

· 528,188 records exposed by hacking incident of network server

2. Sarrell Dental, Alabama

· 391,472 records exposed by hacking incident of network server

3. Premier Family Medical, Utah