Technology
e-Newsletter
Intelligence Unit Special Reports Special Events Subscribe Sponsored Departments Follow Us

Twitter Facebook LinkedIn RSS

OCR Patient Data Breach List Hits Milestone

Dom Nicastro, for HealthLeaders Media, January 24, 2011

The number of entities reporting breaches of unsecured protected health information (PHI) affecting 500 or more individuals has hit 225. The web site was born out of HITECH and has been live since February 2010.

OCR says the breach reports date back to September 2009. Hence, it's been about 17 months since OCR has accepted the reports. It amounts to about 13 reports filed per month, or 0.44 per day.

The OCR breach notification website also reports the following numbers:
  • 10 -- Number of reports affecting more than 100,000 individuals, or 4.4 percent of the total number of breaches.
  • 4 – Number of reports affecting between 50,000 and 99,999 individuals
  • 6 – Number of reports affecting between 25,000 and 49,999 individuals
  • 27 – Number of reports affecting between 10,000 and 24,999 individuals
  • 61 – Number of reports that involve a laptop, or 27.1 percent.

HITECH’s breach notification interim final rule is still in effect. OCR has been close to signing off on a final rule before it pulled it out of the hands of the Office of Management and Budget (OMB) for further review.

Comments are moderated. Please be patient.

1 comments on "OCR Patient Data Breach List Hits Milestone"


Derek Beckwith (1/25/2011 at 11:41 AM)
Thanks for this article [INVALID] we posted a link to it on Identity Theft Daily News (www.idtheftdailynews.com) our news portal that highlights the day's best stories on data breaches, compliance and identity theft. While this article cites some great statistics, it is important to remember that the vast majority of breaches continue to go unreported. In the health care industry alone, according to two consecutive annual surveys of hospital executives by Identity Force (www.identityforce.com), over 40% of hospitals have 10 or more data breaches every year, and over 20% have more than 20 breaches annually [INVALID] yet only a handful are reported to state and federal regulators. A copy of the latest survey can be found at www.identityforce.com/Press.php. Medical identity theft will continue to be the fastest growing form of identity fraud until hospitals get breaches under control.