by Rick Kuwahara COO of Paubox
Article filed in

HIPAA Breach Report for April 2020

by Rick Kuwahara COO of Paubox


The Paubox HIPAA Breach Report analyzes protected health information (PHI) breaches affecting 500 or more people as reported to the Department of Health & Human Services (HHS) in April 2020.

This report will cover:

HIPAA Breaches Ranked by People Affected

April 2020 HIPAA Breaches by People Affected

Top Three Breach Types

  • Email breaches ranked first by a big margin with 237,555 people’s protected health information (PHI) affected.
  • Desktop breaches cracked the top three for the first time this year, ranking second with PHI of 80,700 people breached.
  • Electronic Medical Record breaches came in third with 73,772 people having their PHI breached.

HIPAA Breaches Ranked by Occurrence

April 2020 HIPAA Breaches by Occurrence

The Most Common

  • Email again took the top spot as the most common breach type in this month’s report with 13 reported breaches.
  • Network Server came in second with 7 breaches.
  • Paper/Films placed third with 5 reported breaches.


Email as a threat vector in healthcare continues to rank as the most common entry point for bad actors, with 13 reported breaches.

The number of reported breaches increased from the previous month, with 34 total incidents, compared to 30 the month prior.

Although the number of breaches increased, the severity decreased as the number of people affected dropped to 390,161 compared to over 1.2 million in February.

The largest breach was caused by a phishing attack on Tandem Diabetes Care that affected 140,781 patients when three employee email accounts were compromised during a three-day period in January.

Full Data

Click here to view the raw data (Google Sheets).

About the Paubox HIPAA Breach Report

The Paubox HIPAA Breach Report analyzes breaches that affected 500 or more individuals as reported in the HHS Wall of Shame in March 2020.