News & Press

Breached Patient Records Tripled in 2019 as Malicious Actors Create New Problems for Patients

Download the full press release

Another year of increased health data breaches, with over 40 million affected patient records

BALTIMORE, MD -- Over 40 million patient records were breached in 2019, according to new data released today in the Protenus Breach Barometer®. Published by Protenus, a healthcare compliance analytics platform that protects patient data for the nation’s leading health systems, the Breach Barometer is the industry’s definitive source for health data breach reporting.  

There has been a continuous increase in the number of health data breaches since the first Breach Barometer report. In 2016, the healthcare industry suffered 450 incidents and has steadily increased to 572 in 2019. The number of affected patient records almost tripled from 15 million in 2018 to 41 million in 2019. Also first reported in 2016, a trend of at least one health data breach per day remains.

To download the full report, or for more information, please visit:

The single largest breach reported in 2019 was the result of the hacking of a Business Associate (BA). It involved one of the country’s largest patient collections recovery agencies that had its patient information accessed by an unauthorized party. The breach was discovered when analysts discovered patient information including, date of birth, social security numbers, and physical addresses for sale on the dark web. This incident affected 20,949,600 patient records, and this number will likely be higher as they notify other clients of the breach. 

In another breach, we were reminded of the dangers of insider threats. In this insider-wrongdoing incident, a nurse is suspected of gaining access to patient information and providing the data to a third-party for fraudulent purposes. It is estimated that 16,542 patients could have been affected over the course of almost two years before discovery. The investigation is still ongoing.

Protenus, the nation’s leading healthcare compliance analytics company, was recently named the 2020 KLAS Category Leader in Patient Privacy Monitoring. Founded in 2014, the company helps health systems ensure health data is safe and being used appropriately.

About Protenus

The Protenus healthcare compliance analytics platform uses artificial intelligence to audit every access to patient records for the nation’s leading health systems. Providing healthcare leaders full insight into how health data is being used, and alerting privacy, security and compliance teams to inappropriate activity. Protenus helps our partner hospitals make decisions about how to better protect their data, their patients, and their institutions. This year, Protenus was named the 2020 KLAS Category Leader in Patient Privacy Monitoring. In 2019, Protenus was named one of The Best Places to Work in Healthcare by Modern Healthcare and one of the Best Places to Work in Baltimore by the Baltimore Business Journal and the Baltimore Sun. Learn more at and follow us on Twitter @Protenus.


Kira Caban
Director, Communications