The Five Most Likely Types of Major HIPAA Breaches

Posted on  June 5, 2015


While it is important to comply with all of the mandates of the Omnibus Rule, I think it is instructive to know from where the most vulnerable areas of breach of PHI arise.

In a recent presentation to a limited number of attorneys in which I participated, an investigator for the Office for Civil Rights (OCR) advised that with respect to breach notification of major HIPAA breaches (those in which the PHI of 500+ individuals had been disclosed), as of February 27, 2015, OCR’s  records indicate that the following were the percentages attributable to the types  of breaches:

  1. Theft 51%
  2. Unauthorized Access/Disclosure 19%
  3. Loss 9%
  4. Hacking /IT Incident 7%
  5. Improper Disposal 4%
  6. Other 9%
  7. Unknown 1%
Bookmark This Page

Leave a Reply

Your email address will not be published. Required fields are marked *