Theft and loss of data continue to be the top causes of health information breaches, according to the latest report from the Office for Civil Rights.
The office has found 160 reports of data breaches affecting more than 500 people, and 8,500 reports of breaches affecting fewer than 500 people as of Sept. 14. Laptops, desktops, portable electronic devices and paper records all have been involved, said Adam Greene, senior health information technology and privacy specialist for the OCR. He spoke during a summit on the Health Insurance Portability and Accountability Act.
The office was charged with monitoring the privacy and security of health information under the Health Information Technology for Economic and Clinical Health, or HITECH Act. Breaches affecting more than 500 individuals are posted on the OCR website.
Some data breaches do occur when hackers break into IT systems, but most information is lost in far less exotic ways, Greene said. It’s far more common that a laptop with unencrypted data on it is stolen. Or that a flash drive filled with health records is stashed in an airplane seat pocket and forgotten when the flight lands. “That’s where a lot of the breaches are happening right now,” he said.