Top Ten Healthcare Data Breaches of 2016 featured image

Top Ten Healthcare Data Breaches of 2016

by John DiGiacomo

Partner

Data Breach

2016 was unkind when it comes to health care system data breaches. The top ten healthcare data breaches of 2016 affected more than 16 million people. There were more than 300 incidents of hacking and data security breaches throughout the year. The federal government tracks instances of healthcare data breaches and publishes its report for public inspection.

Top Ten Healthcare Data Breaches of 2016

The U.S. Department of Health and Human Services maintains a listing of the top ten healthcare data breaches for 2016. More than 16 million individuals were impacted by a healthcare system data breach in 2016. While this is far fewer affected individuals than in past years, there is still much concern surrounding healthcare data breaches, as these attacks are becoming more frequent and more complicated. Healthcare systems are four-times as likely to be the victim of ransomware. The top ten healthcare data breaches in 2016 include:

  1. Banner Health, with 3.6 million records affected by a hacking incident.
  2. Newkirk Products, with 3.5 million records affected by a hacking incident.
  3. 21st Century Oncology, with 2.2 million records affected by a hacking incident.
  4. Valley Anesthesiology Consultants, with 883,000 records affected by a hacking incident.
  5. County of Los Angeles Departments of Health and Mental Health, with 749,000 records affected by a hacking incident.
  6. Bon Secours Health System, with the unauthorized access and/or disclosure of 652,000 records.
  7. Peachtree Orthopedic Clinic, with 531,000 records affected by a hacking incident.
  8. Radiology Regional Center, with the loss of 483,000 records.
  9. California Correctional Health Care, with the theft of 400,000 records.
  10. Central Ohio Urology Group, with 300,000 records affected by a hacking incident.

Amongst the top ten healthcare data breaches, more than 11 million patient records were potentially exposed, which is roughly two thirds of all healthcare data breaches for 2016. And 2017 has only been underway for a week or so and there has already been a data breach at the MetroPlus Health Plan in New York. Given the trend of the last two years, we should expect even more data breaches in 2017.

Ransomware Attack Levels Unprecedented in Health Industry in 2016

The U.S. Department of Health and Human Services’s listing does not include instances of ransomware attacks made on healthcare systems. But that does not take away from the fact that ransomware attacks on health care systems were at an all-time high. There was more than a 60% increase in the number of ransomware attacks on healthcare systems in 2016 over 2015, with no signs of slowing down in future.  

Contact a Healthcare Cybersecurity Lawyer

Cyber threats are continually evolving and changing, and as such so too are the laws governing cybersecurity issues in healthcare. Healthcare systems are under attack like never before and patient health records are being exposed at unprecedented rates. When a healthcare system experiences a hack, the healthcare system has certain obligations to patients whose records are exposed concerning notification and addressing the data breach. Revision Legal has worked with healthcare entities to manage their cyber security legal issues. We can assist you as you manage the aftermath of a security data breach. Contact us using the form on this page or call us at 855-473-8474.

Image credit: Mayur Patel

Extra, Extra!
Recent Posts

Worrying About SaaS Agreements and Cross-Border Data Transfers

Worrying About SaaS Agreements and Cross-Border Data Transfers

Internet Law

When your business is contemplating a software-as-a-service (“SaaS”) agreement, there are a large number of considerations. An SaaS agreement is, of course, a subscription service where a software package is centrally hosted and accessed by a SaaS company’s customers. Issues to be aware of include: As important as the foregoing issues are, one often overlooked […]

Read more about Worrying About SaaS Agreements and Cross-Border Data Transfers

FAQs About Legal Services for Social Media Influencers, Bloggers, and Online Content Creators

FAQs About Legal Services for Social Media Influencers, Bloggers, and Online Content Creators

Internet Law

If you are serious about your career as a social media influencer, blogger, and/or online content creator, you ARE going to need legal services at some point. Online creation is big business now, and big business means the need for legal services. The Internet and Social Media Attorneys at Revision Legal are here to help. […]

Read more about FAQs About Legal Services for Social Media Influencers, Bloggers, and Online Content Creators

Take it Down Act: Ban on “Revenge Porn” Goes National

Take it Down Act: Ban on “Revenge Porn” Goes National

Internet Law

Congress recently passed the Take It Down Act (“TIDA”), and the law was signed by the President in mid-May 2025. See AP media report here. Interestingly enough, “Take It Down” is an acronym for “Tools to Address Known Exploitation by Immobilizing Technological Deepfakes on Websites and Networks Act.” TIDA prohibits what is commonly called “revenge […]

Read more about Take it Down Act: Ban on “Revenge Porn” Goes National

Put Revision Legal on your side