Dive Brief:
- More than 30.6 million individuals have been impacted by major health care data breaches since September 2009, according to the latest update on the HHS website.
- HHS maintains a list of health care data breaches that affect 500 or more individuals; there are currently 931 breaches on that list.
- Of the breaches on the list, 25% involved business associates, who are now directly responsible for HIPAA compliance under the HIPAA omnibus rule. Business associate-related breaches have affected almost 15 million people since 2009.
Dive Insight:
It's striking to note that roughly half people affected by health care data breaches were exposed due to actions (or inactions) of business associates. This underscores the need for health care organizations to be very picky about the organizations that they choose to permit access to their sensitive data. After all, even if the business associate—not you—is responsible for the data breach, it's your patients being harmed and your reputation being sullied.