Large-Scale Health Data Breaches Declined in 2012 – So Far, Anyway

Joseph Conn reports:

There is some good news on the healthcare data-breach front. According to data compiled on the larger breaches of patient-identifiable medical records reported to HHS’ Office for Civil Rights, 2012 is on track to record fewer breaches than any full year since the American Recovery and Reinvestment Act of 2009 required such reports.

Through Sept. 15, 87 major breaches this year have made the Civil Rights Office’s “wall of shame” for incidents involving the exposure of records of 500 or more individuals.

That’s an average of 10.2 breaches a month. And that’s down from an average of 12.8 a month in 2011, 17.8 a month in 2010 and 13.3 a month for the latter part of 2009, the first year of the reporting program. That year, reports didn’t begin until September.

Read more on Modern Healthcare (free subscription required).

While that sounds like good news, that doesn’t include patients whose prescription information was vulnerable due to Rite Aid’s app.  Nor does HHS’s site generally include a lot of medicare-related fraud where patient data was stolen.

But since the standards for inclusion on HHS’s breach tool haven’t changed since September 2009, it does seem that this year may be a bit better than last year. At least for now.

About the author: Dissent