Hacking incidents jump 42% while insider incidents affect 8M patient records
BALTIMORE, MD -- Over 40 million patient records were breached in 2020, according to new data released today in the Protenus Breach Barometer®. Published by Protenus, a healthcare compliance analytics company that protects patient data for the nation’s leading health systems, the Breach Barometer is the industry’s definitive source for health data breach reporting.
Hospitals and health systems experienced unprecedented challenges as they grappled to get a handle on the varying components and associated effects of COVID-19. One ramification was the increase in breaches to patient data. There were 758 reported health data breaches in 2020, increasing from 572 reported in 2019. Also a new trend of at least two health data breaches per day has emerged, increasing from the trend of one breach per day reported since 2016.
To download the full report, or for more information, please visit:
The single largest breach reported in 2020 was the result of a hacking incident involving ransomware. The incident involved a large Catholic health system and its philanthropic data vendor, Blackbaud. The hackers gained access to the health system’s donor database and were able to partially remove donor information that included date of birth, inpatient/outpatient status, contact information, and other sensitive patient information. This hacking incident affected 3,320,726 patient records.
Insiders continue to pose significant risk to patient trust and can be costly for affected institutions. In one incident, a New York-based medical center began notifying patients in January that an employee illegally accessed electronic health records and viewed clinical information, including test results and diagnoses. Though the motive for snooping wasn't disclosed, the incident occurred from June to November 2020, as COVID-19 cases were surging.
Protenus, the nation’s leading healthcare compliance analytics company, was recently named one of 2021 CBInsights Digital Health 150 and the 2020 KLAS Category Leader in Patient Privacy Monitoring. Founded in 2014, the company helps health systems ensure health data is safe and being used appropriately.
Protenus uses artificial intelligence to reduce risk and save resources for the nation’s leading health systems, detecting and preventing compliance violations such as breaches to patient privacy and incidents of clinical drug diversion. Compliance analytics provide healthcare leaders full insight into how health data is being used, and alerts privacy, pharmacy and compliance teams to inappropriate activity. Protenus helps our partner hospitals make decisions about how to better protect their data, their patients, and their institutions. For two consecutive years, Protenus was named one of Forbes’ Best Startup Employers and one of CBInsights Digital Health 150. Protenus was also named the 2020 KLAS Category Leader in Patient Privacy Monitoring. In 2019, Protenus was named one of The Best Places to Work in Healthcare by Modern Healthcare and one of the Best Places to Work in Baltimore by the Baltimore Business Journal and the Baltimore Sun. Learn more at Protenus.com and follow us on Twitter @Protenus.
Director of Communications, Protenus