November 2022 Healthcare Breach Report

Each month, we review healthcare breaches posted on the Office for Civil Rights (OCR) online breach portal to determine the leading causes and how the incidents could have been prevented. The OCR publicly posts healthcare breaches that affected 500 or more individuals to ensure that all affected patients know their information could have been potentially compromised.

At least 6,904,441 records containing patients’ protected health information (PHI)  were breached in November 2022. After a one-month hiatus, Hacking/IT incidents reclaimed their usual place as the cause of the most significant amount of PHI breached in November 2022, with more than 5,374,670 records.

In November 2022, there were 49 large-scale breaches reported, 26 of which affected healthcare providers. These incidents compromised the PHI of 4,071,158 individuals, representing 59% of patients affected by the November incidents. 

Business associates reported 17 additional incidents that affected 46,216 patients, representing 40.4% of patients affected. 

Six health plans also reported incidents affecting 710,861 patients, representing 0.4% of affected patients. 

Hacking incidents were responsible for 40 breaches reported in November 2022. There were eight breaches caused by unauthorized access or disclosure of PHI and one incident involving theft of PHI.

Make Sure You’re HIPAA Compliant

HIPAA compliance and cybersecurity go hand-in-hand.

Protect your business, become compliant today!