Patricia Wagner, a Member of the Firm in the Health Care and Life Sciences and Litigation practices, and Jonathan Hoerner, a Summer Associate, were quoted in an article titled "Disturbing Health Care Data Breach Report."
Following is an excerpt:
The Department of Health and Human Services recently submitted its annual report to Congress about breaches of unsecured protected health information for 2011 and 2012, writes Patricia Wagner, Ali Lakhani and Jonathan Hoerner in Epstein Becker & Green's TechHealth Perspectives blog. "This report provides valuable insight for health care entities regarding their data security and enforcement priorities," they say.
Here are some of their top take-aways:
- Health care providers were the top cause of breaches in both years: For health care data breaches that affected 500+ people, providers came in first. Of all the breaches, providers were responsible for 63 percent and 68 percent in 2011 and 2012 respectively, whereas business associates were only responsible for 27 percent and 25 percent, respectively, and health plans 10 percent and 7 percent.
- Recommendations: To protect health care entities from major breaches, the authors suggest encrypting devices, paying attention to physical control of devices and removing data before disposing of old ones.
- Protected health information was the leading cause of breaches in both 2011 and 2012: Theft comprised approximately 50 percent of the breaches both years, whereas loss was at 17 and then 12 percent, unauthorized access 19 and 18 percent and hacking incidents 8 percent in 2011 and up to 27 percent in 2012.
People
- General Counsel / Chief Privacy Officer