HIPAA Breach Report for March 2022

by Sara Uzer

Paubox-HIPAA-Breach-Report

The Paubox HIPAA Breach Report analyzes protected health information (PHI) breaches affecting 500 or more people as reported to the Department of Health & Human Services (HHS) in February 2022.


This report will cover:


HIPAA breaches ranked by people affected

Most common breaches by type

  • Network server breaches affected the most people in February 2022. 1,102,298 individuals had their data breached.
  • Email breaches were the second most common breach, with 185,916 people affected.
  • Electronic medical record breaches affected 45,082 people, the third most common breach type.

HIPAA breaches by occurrence

Most common breach types

  • Network server was the most common attack vector in February 2022. There were 20 network server breaches.
  • Email breaches were the second most common attack vector; eleven attacks via email were reported.
  • Electronic medical record breaches were reported three times last month.

Year over year comparison

These charts compare the numbers reported in previous Paubox HIPAA Breach Reports (March 2018March 2019March 2020March 2021) with this month’s report.

HIPAA breaches ranked by people affected

What we observe

  • Network server, email, and laptop breaches affected most people overall in February 2018 – 2022.
  • Network server breaches affected a total of 3,390,809 people in these months.
  • Email breaches affected 1,431,222 people, and laptop breaches affected 657,655.

HIPAA breaches ranked by occurrence

What we observe

  • Email, network server, and paper/films breach types were the most common attack vectors in February 2018-2022.
  • Email breaches occurred 52 total times.
  • Network server breaches occurred a total of 51 times, and paper/films types occurred 17 times.
  • The most significant number of email breaches happened in February 2022.

Takeaways

Network server breaches affected the most people in February 2022. Morley Companies, Inc. had the most significant breach that affected 521,046 people. Logan Health Medical Center had the second-largest breach that affected 213,543 people.

The yearly comparison shows that email breaches were the most popular attack vectors for bad actors over the last five February months. Over 1 million total individuals had their data breached via 52 email breaches during this time.

Full data

Click here to view the HHS’ raw data via Google Sheets.

About the Paubox HIPAA Breach Report

The Paubox HIPAA Breach Report analyzes breaches that affected 500 or more individuals, as reported on the HHS Wall of Shame in February 2022.

SEE ALSO: HIPAA compliant email: the definitive guide