2019 health care data breaches setting records


A record-breaking 50 health care data breaches involving more than 500 records each were reported to HHS this past July, according to a report published in HIPAA Journal.

“While the type of attack in Utah differed — ransomware vs. a third-party breach — all three involved organizations in the health care ecosystem,” April Sather, a fellow at the Cybersecurity Policy and Research Institute at the University of California, Irvine, told Healio Primary Care.


Other health care data breaches reported this year include one from LabCorp, which announced on June 6 that “unauthorized activity” occurred on the webpage of American Medical Collection Agency, LabCorp’s external collection agency, impacting up to 7.7 million patients. Two days before that, Quest Diagnostics experienced a similar breach with American Medical Collection Agency, potentially impacting 11.9 million patients.


One of the most recent data breaches impacted Premier Family Medical in Utah, when a hacking/IT incident occurred on the company’s network server on Sept. 7, according to HHS’ website. The company said it does not believe any information from its 320,000 patient records was taken.


The article also said that more than 35 million individuals are known to have had their health care records “compromised, exposed, or impermissibly disclosed” thus far in 2019, which is more than the previous 3 full years combined.