At the 2014 National HIPAA Summit, Susan McAndrew, Deputy Director of the Health Information Privacy Division, U.S. Department of Health and Human Services Office for Civil Rights (OCR), reported there have been 800 major health care data breaches involving the PHI of 500 or more individuals. These breaches resulted in the exposure of the personal health care data of over 29 million patients. Additionally, there were 92,000 reported breaches involving the PHI of fewer than 500 individuals.1
OCR breach report statistics have shown that covered entities of every size are to blame. Major breaches
occur in both large and small provider organizations.
It can happen to you. The threat is constant. That’s why it’s crucial that you be fully aware of the potential risks and take proactive steps to protect your patients’ health information and your business.
Source: U.S. Department of Health and Human Services, Office for Civil Rights.
1. Susan McAndrew, JD, Deputy Director, Health Information Privacy Division. OCR Update and Outreach, Stepping Up Compliance in 2014. Presented at 22nd National HIPAA Summit, February 5, 2014.