BreachExchange mailing list archives
OCR’s 'wall of shame' just cracked 2,000 data breaches. Here’s how reporting has changed since 2009
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Thu, 10 Aug 2017 18:01:37 -0600
http://www.fiercehealthcare.com/privacy-security/ocr-s- wall-shame-just-cracked-2-000-data-breaches-here-s-how-reporting-has-changed More than 2,000 data breaches have been reported the Department of Health and Human Services since 2009, when the HITECH Act began requiring the agency to post breaches on a public web portal. But a lot has changed since the agency posted that first breach, according to Healthcare Info Security, which analyzed all 2,018 breaches. For one, reporting has ramped up considerably. It took almost five years for the so-called “wall of shame” to reach 1,000 breaches, compared to just three years to get that second half. In recent years, the HHS Office for Civil Rights has made an effort to hold healthcare organizations accountable for reporting breaches within 60 days. While poor encryption practices made up the majority of breach reports early on, hacking makes up more than 40% of breaches currently under investigation over the last two years. Hacking has also implicated far more patient records, accounting for 75% of compromised records. "The big takeaway here is that phishing is a successful way to get inside healthcare facilities,” Susan Lucci, chief privacy officer and senior consultant at the security consultancy firm, Just Associates, told Healthcare Info Security. HHS recently updated the data breach portal, separating data breaches that have occurred over the last two years that are still under investigation and those that are older than two years or have been resolved. Data breaches reported so far this year are on pace to surpass last year’s total, which was seen as a banner year for healthcare breaches. More than 230 breaches were reported so far this year, accounting for more than 3.1 million patient records.
_______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- OCR’s 'wall of shame' just cracked 2,000 data breaches. Here’s how reporting has changed since 2009 Audrey McNeil (Aug 11)