The Department of Health and Human Services Office for Civil Rights (OCR), has reported a staggering increase since this time last year of all forms of breaches of patient PHI.
Note: These figures do not include any 2019 breaches that involved fewer than 500 individuals. A covered entity must notify the Secretary of a PHI breach affecting fewer than 500 individuals within 60 days of the end of the calendar year in which the breach occurred.
There are many reasons for the increase, such as:
The table below compares the first eight months of 2018 to the first eight months of 2019.
| 2018 Jan-Aug | 2019 Jan- Aug | 2019 % increase | |
| Number of individuals affected | 4,680,937 | 37,104,905 | 693% |
| Number of reports | 117 | 312 | 167% |
| Covered Entities | 97 | 282 | 191% |
| Business Associates | 23 | 73 | 217% |
| Type of breach | |||
| Hacking/IT incident | 59 | 190 | 222% |
| Improper media/equipment disposal | 3 | 4 | 33% |
| Loss or theft | 19 | 35 | 84% |
| # unauthorized access/disclosure | 36 | 83 | 131% |
| Method of breach | |||
| Desktop computer | 15 | 25 | 67% |
| 39 | 121 | 210% | |
| EMR/EHR | 9 | 15 | 67% |
| Paper or Film | 14 | 34 | 143% |
| Laptops & other devices | 22 | 38 | 73% |
| Network servers | 18 | 79 | 339% |
Total Medical Compliance
6124 Creft Circle
Indian Trail, NC 28079
Phone: (888) 862-6742
Fax: (866) 875-3809
©2023 Total Medical Compliance
Total Medical Compliance
6124 Creft Circle
Indian Trail, NC 28079
(888) 862-6742
Fax (866) 875-3809
©2022 Total Medical Compliance
