One in 10 U.S. Residents Affected by Large Health Data Breaches
June 16, 2014 in News
More than 1,000 medical record breaches involving 500 or more people have been reported to HHS since federal reporting requirements took effect nearly five years ago, according to HHS, Modern Healthcare‘s “Vital Signs” reports (Conn, “Vital Signs,” Modern Healthcare, 6/13).
HHS has been tracking data breaches since September 2009, when the HIPAA breach notification rule went into effect. The agency reports health information breaches affecting more than 500 individuals on its “wall of shame” website (iHealthBeat, 4/1).
Since 2009, HHS has received:
- 1,026 reports of breaches involving 500 or more individuals; and
- More than 116,000 breach reports involving records of fewer than 500 individuals through March 1, 2013.
In total, large health data breaches reported by health care providers and their business associates have affected the medical records of about one in 10 U.S. residents, or 31.7 million people.
Meanwhile, more than 32,600 HIPAA complaint cases have been investigated, with more than 22,500 of them closing with corrective action, according to HHS Office for Civil Rights spokesperson Rachel Seeger (“Vital Signs,” Modern Healthcare, 6/13)
Privacy Penalties on the Rise
In related news, HHS Chief Regional Civil Rights Counsel Jerome Meites at an American Bar Association Conference last week said he expects penalties under HIPAA to increase drastically in the next year, The Hill reports.
Since June 2013, HHS has received more than $10 million for HIPAA violations, according to Law360. However, Meites said, “I suspect that that number will be low compared [with] what’s coming up” (Viebeck, The Hill, 6/13).