1.5 Million Patients Affected by February Healthcare Breaches
The Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) reported 39 February healthcare breaches, affecting 1,531,855 patients. Of the reported incidents, there were 26 breaches due to hacking/IT incidents, 6 breaches from the unauthorized access/disclosure of protected health information (PHI), 3 breaches due to theft, 2 breaches due to loss, and 2 breaches due to improper disposal of PHI.
February Healthcare Breaches: Hacking / IT Incidents
The majority of February healthcare breaches occurred as a result of hacking / IT incidents, with 54.8% of total breaches due to this type of incident. The 26 instances of hacking / IT incidents in February affected 839,226 patients. The following chart depicts the location of the incidents, meaning where, within the organization, the hacking / IT incidents occurred.
Email Hacks Affected 603,916 Patients
Ozark Orthopaedics, PA: affected 15,240 patients
Interactive Medical Systems, Corp.: affected 15,010 patients
Munson Healthcare: affected 75,202 patients
Engage Behavioral Health: affected 650 patients
Rainbow Hospice Care, Inc.: affected 2,029 patients
Endeavor Energy Resources, L.P.: affected 5,103 patients
February Healthcare Breaches: Unauthorized Access / Disclosures
A small number February healthcare breaches occurred as a result of unauthorized access / disclosures, with just 1% of total breaches due to this type of incident. The 6 instances of unauthorized access / disclosures in February affected 15,826 patients. The following chart depicts the location of the incidents, meaning where, within the organization, the unauthorized access / disclosures occurred.
February Healthcare Breaches: Theft / Improper Disposal / Loss
The second highest reason behind February healthcare breaches was theft, with 42.8% of total breaches due to this type of incident. The 3 instances of theft in February affected 655,392 patients. Improper disposal of protected health information (PHI) caused 1% of total February healthcare breaches. The 2 instances of theft in February affected 15,507 patients. The smallest number of February healthcare breaches were due to loss of PHI, affecting 5,904 patients, accounting for just 0.4% of breaches. The following chart depicts the incidents of loss, theft, and improper disposal of PHI.
Theft of PHI Affected 655,392 Patients
Armada Physical Therapy of Albuquerque, LLC: affected 500 patients
Health Share of Oregon: affected 654,362 patients
Arizona Pain and Spine Institute: affected530 patients
Improper Disposal of PHI Affected 15,507 Patients
Today’s Vision Willowbrook (acquired by Capital Vision Services d/b/a MyEyeDr. (MED Southwest PLLC): affected 7,983 patients
SAMA HealthCare Services: affected7,524 patients
Loss of PHI Affected 5,904 Patients
Harris County Hospital District d/b/a Harris Health System: affected 2,298 patients