A data breach doesn’t need to be criminal or intentional to be reportable. When a storage device is small, it is sometimes difficult to determine whether the device was lost, misplaced or stolen. However, even if a flash drive is presumably lost, a breach analysis must still be conducted and potentially affected patients must be notified if there is a probability of data compromise.
Learn More »A review of the data on the OCR Breach Portal indicates that only about 20 percent of healthcare data breaches through 2017 are the result of hacking, but they involve large numbers of records.1 Unfortunately, the healthcare industry also has more data breaches than any other industry.2 There are various reasons for this. We describe some of those here and offer recommendations for preventing HIPAA data breaches caused by criminal hackers.
Learn More »