2016 was unkind when it comes to health care system data breaches. The top ten healthcare data breaches of 2016 affected more than 16 million people. There were more than 300 incidents of hacking and data security breaches throughout the year. The federal government tracks instances of healthcare data breaches and publishes its report for public inspection.

Top Ten Healthcare Data Breaches of 2016

The U.S. Department of Health and Human Services maintains a listing of the top ten healthcare data breaches for 2016. More than 16 million individuals were impacted by a healthcare system data breach in 2016. While this is far fewer affected individuals than in past years, there is still much concern surrounding healthcare data breaches, as these attacks are becoming more frequent and more complicated. Healthcare systems are four-times as likely to be the victim of ransomware. The top ten healthcare data breaches in 2016 include:

1. Banner Health, with 3.6 million records affected by a hacking incident.
2. Newkirk Products, with 3.5 million records affected by a hacking incident.
3. 21st Century Oncology, with 2.2 million records affected by a hacking incident.
4. Valley Anesthesiology Consultants, with 883,000 records affected by a hacking incident.
5. County of Los Angeles Departments of Health and Mental Health, with 749,000 records affected by a hacking incident.
6. Bon Secours Health System, with the unauthorized access and/or disclosure of 652,000 records.
7. Peachtree Orthopedic Clinic, with 531,000 records affected by a hacking incident.
8. Radiology Regional Center, with the loss of 483,000 records.
9. California Correctional Health Care, with the theft of 400,000 records.
10. Central Ohio Urology Group, with 300,000 records affected by a hacking incident.

Amongst the top ten healthcare data breaches, more than 11 million patient records were potentially exposed, which is roughly two thirds of all healthcare data breaches for 2016. And 2017 has only been underway for a week or so and there has already been a data breach at the MetroPlus Health Plan in New York. Given the trend of the last two years, we should expect even more data breaches in 2017.

Ransomware Attack Levels Unprecedented in Health Industry in 2016

The U.S. Department of Health and Human Services’s listing does not include instances of ransomware attacks made on healthcare systems. But that does not take away from the fact that ransomware attacks on health care systems were at an all-time high. There was more than a 60% increase in the number of ransomware attacks on healthcare systems in 2016 over 2015, with no signs of slowing down in future.  

Contact a Healthcare Cybersecurity Lawyer

Cyber threats are continually evolving and changing, and as such so too are the laws governing cybersecurity issues in healthcare. Healthcare systems are under attack like never before and patient health records are being exposed at unprecedented rates. When a healthcare system experiences a hack, the healthcare system has certain obligations to patients whose records are exposed concerning notification and addressing the data breach. Revision Legal has worked with healthcare entities to manage their cyber security legal issues. We can assist you as you manage the aftermath of a security data breach. Contact us using the form on this page or call us at 855-473-8474.

Image credit: Mayur Patel