According to new research by the HIPAA Journal, the start of 2021 has seen a 48% reduction in the month-on-month healthcare data breaches of 500 or more records in the United States.
Compared to 62 incidents of data breaches reported in December last year, only 32 such incidents were reported in the first month this year. However, it is also important to note that though this number is well below the average number of breaches reported each month last year (38), it is still more than 1 per day.
The 32 incidents took place across 18 states— Florida being the most affected with 6 reported incidents.
The journal also states that despite the drastic reduction in the number of data breach incidents reported in January 2021, The total number of heath records compromised in the first month of 2021 (4,467,098) is higher than December’s total by more than 225,000 records.
This is due to a major data breach uncovered by Florida Healthy Kids Corporation affecting 3.5 million people. This is also one of the largest healthcare data breaches of all time.
The health plan had used an IT company to host their website and an application. Only after the investigation following the data breach, it was discovered that the company had failed to apply patches for nearly 7 years, which allowed unauthorized individuals to gain access to sensitive data by exploiting the flaw.
Other notable data breach incidents reported in January include a ransomware attack on healthcare provider Hendrick Health compromising 640,436 health records, and a phishing attack on Roper St Francis Healthcare compromising 640,436 health records.