The Paubox HIPAA Breach Report analyzes protected health information (PHI) breaches affecting 500 or more people as reported to the Department of Health & Human Services (HHS) in May 2020.
This report will cover:
HIPAA Breaches Ranked by People Affected
Top Three Breach Types
- Email breaches ranked first with 417,051 people's protected health information (PHI) being affected.
- Network Server breaches came in second with 33,150 people having their PHI breached.
- Laptop breaches came in third with 13,146 people having their PHI breached.
HIPAA Breaches Ranked by Occurrence
The Most Common
- Email took the top spot again as the most common breach type in this month's report with 8 reported breaches.
- Paper/Films came in second with 5 breaches.
- Electronic Medical Record placed third with 4 reported breaches.
TakeawaysEmail as a threat vector in healthcare continues to rank as the most common entry point for bad actors with 8 reported breaches in May. The number of reported breaches was significantly reduced from previous months with a total of 23 total incidents in May, compared to 33 in April and 34 in March. Although the number of breaches has gone down, the severity has increased once again as the number of people affected has increased to 492,676 in May as compared to 440,435 in April and 390,161 in March. Paper/Films continues to be a fairly common entry point between this month and April. The largest breach was caused by email and occurred to BJC Health System. The health system identified suspicious activity in three employee email accounts on March 6 and launched an investigation. Reports indicate that PHI for 19 facilities were exposed and 287,876 were affected.
Click here to view the raw data (Google Sheets).