30 million patients hit by health data breaches

Sylvia Mathews Burwell (AP Photo/J. Scott Applewhite) Sylvia Mathews Burwell (AP Photo/J. Scott Applewhite)

While federal officials pushing the “interoperability” of health databases wring their hands over obstacles to their goal, hackers continue to find ways to “share” such information seemingly at will.

The latest data breach, in which the information of 4.5 million patients of Community Health Systems was compromised, underscored the vulnerability of the system. It also motivated Wonkblog, a feature of the Washington Post, to review Health and Human Services’ data on breaches. Here’s what the analysis found:

  • Since 2009, there have been 944 major (500 patients-plus) health info breaches.
  • The data of 30.1 million people were exposed by those breaches.
  • Medical record theft was the most common breach, affecting 17.4 million patients’ data.
  • Data loss was second at 7.2 million patients-plus.
  • Pure hacking penetrated the data of 3.6 million patients.
  • 1.9 million people experienced unauthorized account access.
  • Smaller breaches were common: In 2012, HHS said it received 21,194 reports of small breaches affecting 165,135 individuals.

According to the Ponemon Institute, data breaches cost the health care industry $5.6 billion per year.

The Community Health Systems breach, which wasn’t included in the HHS data base reviewed by Wonkblog, was the second largest HIPAA breach ever, Wonkblog said. Hackers used what is called the Heartbleed computer bug to breach the database.

Scroll over map for number of individuals affected by state:

Comments

Advertisement. Closing in 15 seconds.