HIPAA Breach Report for August 2021

by Hannah Trum Senior Marketing Specialist

The Paubox HIPAA Breach Report analyzes protected health information (PHI) breaches affecting 500 or more people that were reported to the Department of Health & Human Services (HHS) in July 2021.

This report will cover:

HIPAA breaches ranked by people affected

Most common breach types

  • Network server breaches affected the most people in July 2021. 3,984,570 individuals had their data breached.
  • Email breaches were the second most common, with 503,602 people affected.
  • Electronic medical record breaches affected 152,254 people, the third most common breach type.

HIPAA breaches by occurrence

Most common breach types

  • Network servers were the most common attack vector in July 2021. There were 22 network server breaches.
  • Email breaches were the second most common attack vector; nineteen attacks via email were reported.
  • Paper/film breaches were reported a total of 5 times last month.


Network server breaches affected the most people and were the most common breach type for the second month in a row.

Forefront Dermatology, S.C. had the largest breach affecting 2,413,553 people. Practicefirst had the second-largest breach affected 1,210,688 people. Both breaches occurred via a network server.

Full data

Click here to view the HHS’ raw data via Google Sheets.

RELATED: Google and HIPAA compliance: the ultimate guide

About the Paubox HIPAA Breach Report

The Paubox HIPAA Breach Report analyzes breaches that affected 500 or more individuals, as reported on the HHS Wall of Shame in July 2021.

SEE ALSO: HIPAA compliant email: the definitive guide