1 min read

HIPAA Breach Report for September 2021

Hannah Trum September 7, 2021

HIPAA Breach Reports

The Paubox HIPAA Breach Report analyzes protected health information (PHI) breaches affecting 500 or more people as reported to the Department of Health & Human Services (HHS) in August 2021.

This report will cover:

HIPAA breaches ranked by people affected
HIPAA breaches ranked by occurrence
Takeaways
Full data

HIPAA breaches ranked by people affected

Bar chart showing HIPAA breaches in September 2021 ranked by attack vector: network server (4.5 million people), email (339,280), electronic medical record (10,885), and paper/films (5,427).

Most common breaches by type

Network server affected the most people in August 2021. 4,536,149 individuals had their data breached.
Email breaches were the second most common, with 339,280 people affected.
Electronic medical record breaches affected 10,885 people, the third most common breach type.

HIPAA breaches by occurrence

Bar chart showing HIPAA breaches by attack vector in September 2021: network server (14), email (13), electronic medical record (2), and paper/films (2)

Most common breach types

Network servers were the most common attack vector in August 2021. There were 14 network server breaches.
Email breaches were the second most common attack vector; thirteen attacks via email were reported.
Electronic medical record breaches were reported twice last month.

Takeaways

Network server breaches affected the most people and were the most common breach type for the third month in a row. St. Joseph's/Candler Health System, Inc. had the largest breach affecting 1,400,000 people. University Medical Center Southern Nevada had the second-largest breach affecting 1,300,000 people. Both breaches occurred via a network server.