Healthcare data statistics tracked by HIPAA Journal demonstrate a steady rise in breaches in the 14 years since the Department of Health and Human Services’ Office for Civil Rights (OCR) began publishing records. As of September 24, 2024, more than 490 breaches have been reported for the year. Reportable breaches, which only include incidents involving 500 or more health records, have been tracked by OCR since 2009, when just 18 breaches were recorded. From 2009 to 2023, a total of 5,887 breaches of this scale were reported to the OCR, leading to the exposure of 519 million healthcare records—more than 1.5 times the population of the United States. The peak years include 2023 with 745 breaches and 2022 with 720 breaches.
Patient records at risk: In terms of the number of records exposed, so far it seems that the largest data breach occurred in relation to a hacking incident at Anthem Inc. in 2015, which involved the records of 78.8 million individuals. However, the recent ransomware attack on Change Healthcare that exposed millions of health records has not yet been quantified, and therefore is not part of the records tally.
Read More