The Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) publicly displays breaches affecting 500 or more patients on their breach portal. In October, there were 59 breaches reported, affecting 2,088,686 patients. More details about the October healthcare breaches are discussed.

October Healthcare Breaches: What Type of Entity Was Affected

October Healthcare Breaches

The majority of October healthcare breaches affected healthcare providers, with 51 incidents affecting 1,038,202 patients. The second most affected group were business associates, with 6 incidents affecting 962,779 patients. Although there were significantly less business associates breaches than healthcare providers, the business associate breaches were of larger scale. Additionally, there was one breached healthcare clearinghouse affecting 45,732 patients, and 3 breached health plans affecting 41,973 patients.

October Healthcare Breaches: Hacking/IT Incidents

Hacking in healthcare has become the leading cause of breaches, and October was no different.

October Healthcare Breaches

The majority of October healthcare breaches occurred due to hacking/IT incidents, with 43 incidents affecting 2,024,988 patients. Of these incidents, 35 targeted healthcare providers, 5 targeted business associates, 2 targeted health plans, and 1 targeted a healthcare clearinghouse.

Network Server Hacks Affected 1,581,560 Patients

Healthcare Providers:

Yale New Haven Hospital: affected 15,904 patients

AdventHealth Shawnee Mission: affected 28,766 patients

Provider Health Services: affected 1,700 patients

Ascend Clinical, LLC: affected 77,443 patients

OSF HealthCare System: affected 94,171 patients

Arkansas Methodist Medical Center: affected 4,916 patients

Geisinger: affected 86,412 patients

Stamford Hospital: affected 1,050 patients

Bonnie Brae: affected 884 patients

Passavant Memorial Homes, Inc.: affected 25,000 patients

Lawrence + Memorial Hospital: affected 21,617 patients

The Medical College of Wisconsin, Inc.: affected 5,655 patients

Greenwich Hospital: affected 95,000 patients

Froedtert & the Medical College of Wisconsin Community Physicians, Inc.: affected 3,074 patients

The Opportunity Alliance: affected 4,500 patients

Body by RAvi Plastic Surgery and Aesthetics: affected 2,618 patients

Adults and Children with Learning and Developmental Disabilities, Inc.: affected 603 patients

Sisters of Charity of St. Augustine Health System: affected 118,874 patients

First Impressions Orthodontics, a subsidiary of Professional Dental Alliance of Connecticut PLLC: affected 23,000 patients

Kids First Dentistry & Orthodontics, a subsidiary of Professional Dental Alliance of Connecticut, PLLC: affected 5,000 patients

Rady Children’s Hospital – San Diego: affected 19,788

Let’s Simplify Compliance

HIPAA compliance and cybersecurity go hand-in-hand. Protect your business by becoming HIPAA compliant today!

Learn More!