JAMA: Trend in rising health data breaches will be hard to reverse

A study published in the Journal of the American Medical Association (JAMA) verified that data breaches of protected health information are on the rise, a trend that will be difficult to reverse in the near future.

Vincent Liu, MD, MS, and colleagues analyzed data breaches of protected health information reported by companies protected under HIPAA. Each breach affected at least 500 individuals and was reported as required by the HITECH Act.

An HHS database lists 949 data breaches of protected health information reported from 2010-2013, affecting a staggering 29.1 million records.

In 2013, there were 265 breaches that affected 9 million records. This is up from 214 breaches and 5.1 records in 2010. There were two breaches in 2013 that affected more than 1 million records all on their own; in 2010, there was one such breach.

When analyzing what caused the breaches, the study found that 49.1% of the breaches in 2013 were caused by theft, down from 65% in 2010. The three other breach categories (loss or improper disposal, unauthorized access or disclosure, hacking or IT incident) all increased.

“Given the rapid expansion in electronic health record deployment since 2012, as well as the expected increase in cloud-based services provided by vendors supporting predictive analytics, personal health records, health-related sensors, and gene sequencing technology, the frequency and scope of electronic health care data breaches are likely to increase,” Liu et al wrote.

Electronic health records and patient engagement have been at the center of many debates in recent months, especially with MU Stage 3 requiring that 25% of patients must view their EHR. Health organizations are scrambling to get up to speed, but not at the expense of security.

Patients must fully buy in for EHRs to be effective, wrote David Blumenthal, MD, MPP, in a JAMA editorial.

“If patients have concerns that their digitized personal health information will be compromised, they will resist sharing it via electronic means, thus reducing its value in their own care and its availability for research and performance measurement,” he wrote in the editorial. “Loss of trust in an electronic health information system could seriously undermine efforts to improve health and health care in the United States.”

Blumenthal also said that policymakers must do more to protect our health information.

“Beyond the adequacy of HIPAA, the security of the nation’s health information systems is inextricably linked to the ability to fend off cyber threats more generally,” Blumenthal said. “National policy on this larger question remains nascent.”

Michael Walter
Michael Walter, Managing Editor

Michael has more than 18 years of experience as a professional writer and editor. He has written at length about cardiology, radiology, artificial intelligence and other key healthcare topics.

Around the web

The nuclear imaging isotope shortage of molybdenum-99 may be over now that the sidelined reactor is restarting. ASNC's president says PET and new SPECT technologies helped cardiac imaging labs better weather the storm.

CMS has more than doubled the CCTA payment rate from $175 to $357.13. The move, expected to have a significant impact on the utilization of cardiac CT, received immediate praise from imaging specialists.

The all-in-one Omni Legend PET/CT scanner is now being manufactured in a new production facility in Waukesha, Wisconsin.