June 2022 Healthcare Breach Report

Each month, we review healthcare breaches to determine the leading cause and how the incidents could have been prevented. We do so by examining the Office for Civil Rights (OCR) online breach portal. The OCR publicly posts healthcare breaches that affected 500 or more patients to ensure that all affected patients know their information could have been potentially compromised.

June was another prolific month for healthcare data breaches. Covered entities and business associates reported breaches affecting 5,843,989 records containing protected health information (PHI). 

In June 2022, there were 67 large-scale breaches reported, most of which affected healthcare providers, with 54 incidents. These 54 incidents compromised the PHI of 4,758,130 individuals, representing 81.4% of patients affected by the June incidents. 

Business associates reported nine additional incidents, accounting for close to one-fifth of all records breached. Business associate incidents affected 1,973,104 patients, representing 18.4% of patients affected. 

Four health plans also reported incidents affecting 11,955 patients and representing 0.2% of affected patients. 

In June, 54 breaches resulted from hacking incidents. There were six breaches caused by unauthorized access or disclosure of PHI, four incidents involving theft, two caused by improper disposal, and one as the result of loss of PHI.

June 2022 Healthcare Breaches and Hacking

Cybercriminals are still busy as hacking continued its streak at the top of the list of causes of healthcare breaches in June 2022. The 54 hacking incidents reported in June affected the PHI of 5,770,855 patients. These 54 incidents represented 98.7% of the breached records reported during the month.

Let’s Simplify Compliance

Prevent breaches by becoming HIPAA compliant today!

Learn More!
HIPAA Seal of Compliance

Entities affected by hacking:

  • 44 healthcare providers, 4,696,071 patients, 81.4% of patients affected by hacking
  • 9 business associates, 1,073,904 patients,18.6% of patients affected by hacking
  • 1 health plan, 880 patients, less than 0.02% of patients affected by hacking

Types of hacking incidents:

  • 28 network server hacks, 3,686,2839 patients, 89.9% of patients affected by hacking
  • 8 email hacks, 111,9849 patients, 2.0% of patients affected by hacking
  • 13 electronic medical records, 512,25485 patients, 9.2% of patients affected by hacking
  • 1 desktop computer/EMR/network server hack, 8,000 patients, 0.1% of patients affected by hacking
  • 1 other causes hack, 1,290,104 patients, 23.0% of patients affected by hacking

How to Prevent Hacking Incidents

As hacking incidents have become the leading cause behind healthcare breaches for several years, minimizing your risk of being targeted is crucial.

Security Risk Assessments and Remediation

Security risk assessments (SRAs