Daily Archives: June 5, 2015

The Five Most Likely Types of Major HIPAA Breaches

The Five Most Likely Types of Major HIPAA Breaches

While it is important to comply with all of the mandates of the Omnibus Rule, I think it is instructive to know from where the most vulnerable areas of breach of PHI arise.

In a recent presentation to a limited number of attorneys in which I participated, an investigator for the Office for Civil Rights (OCR) advised that with respect to breach notification of major HIPAA breaches (those in which the PHI of 500+ individuals had been disclosed), as of February 27, 2015, OCR’s records indicate that the following were the percentages attributable to the types of breaches:

  1.   Theft 51%
  2.   Unauthorized Access/Disclosure 19%
  3.   Loss 9%
  4.   Hacking /IT Incident 7%
  5.   Improper Disposal 4%
  6.   Other 9%
  7.   Unknown 1%