Over 1900 Total Lots Up For Auction at Two Locations - NJ Cleansweep 06/13, NJ 06/14

Spanish SpanishPortuguese Portuguese

HHS reports slight increase in data breaches for healthcare in 2021

by John R. Fischer, Senior Reporter | January 03, 2022
Cyber Security Health IT
Share
Over 660 data breaches at healthcare facilities were reported this year to the federal government
Healthcare providers, insurers, and their business associates combined, saw just one more data breach this year compared to 2020, says a new report from the Human Service Department’s Office for Civil Rights.

The federal government was tipped off about 664 data breaches, which was the largest number of healthcare data breaches in a year since 2010. The total for this year surpassed last year by one single incident.

Data for nearly 43 million patients was compromised in 2021, but this is still less than half the number affected in 2015, when bad actors hacked the data of 112.5 million people, according to Modern Healthcare.
stats
DOTmed text ad

New Fully Configured 80-slice CT in 2 weeks with Software Upgrades for Life

For those who need to move fast and expand clinical capabilities -- and would love new equipment -- the uCT 550 Advance offers a new fully configured 80-slice CT in up to 2 weeks with routine maintenance and parts and Software Upgrades for Life™ included.

stats
A report, however, published in July by Fortified Health said that the number of patients affected by such incidents increased by 185% from the year before, and that the number of reported breaches to the HHS increased 27% year-over-year during the first six months of 2021. Of all healthcare entities, providers experienced the most breaches at 73%, it said.

“Email phishing threats have been at or near the top of the list for quite some time, and there isn't any indication of the trend reversing itself in the near future. Healthcare organizations often overlook third party risk because managing business associates' risk profiles and driving the information security maturity of these entities is a resource-intensive endeavor," Fortified Health Security COO William Crank told HCB News.

The largest breach, according to this most recent report, involved data on an estimated 3.5 million people who applied or enrolled for coverage from Florida Healthy Kids, the state’s Children’s Health Insurance Program contractor, as far back as 2013. The hack was discovered last December and reported to HHS in January.

Under the Health Insurance Portability and Accountability Act, healthcare players must disclose breaches within 60 days of discovering them. This means that some incidents in the HHS database may have occurred last year or even earlier and that data for November and December this year may be limited.

Certain states also have their own timelines for reporting data breaches. In Texas, providers must report attacks to the state attorney general within 60 days as well. One practice, Gastroenterology Consultants, reported a January hacking to HHS in the specified time frame but waited seven months to do so with the state attorney general and the public.
Sign up for Health IT stories Sign up for Weekly Top stories

You Must Be Logged In To Post A Comment

Sign up for Weekly Top stories

Sign up for Health IT stories

 

classifieds

Health IT Homepage

Make waves in hospital virtual care delivery with advanced analytics
Diversifying revenue stream using patient payments
Improving standard of Prostate Cancer Diagnosis and Care while increasing MRI revenues
Preventing cyberattacks: Finding the right strategic partner
How virtual assistants are transforming business models
Technology, transparency and the bottom line: Considerations for the specialty benefits ecosystem
The consequences of the hack of Lurie Children’s Hospital
Through Edgility acquisition ABOUT aims for end-to-end AI-driven patient flow
Bayer and Google Cloud to accelerate development of AI-powered radiology applications
GE HealthCare closes MIM Software deal