2023 US data breaches topped 171M records, up 187% versus 2022: Protenus Breach Barometer

March 22, 2024 | by

2023’s US healthcare data breaches hit an all time high, both in reported breaches and number of records affected. Protenus, which publishes an annual Breach Barometer, uses multiple data sources including Health and Human Services’ public breach tool. The numbers are shocking for both:

  • HHS 2023 reported 725 reports and about 135 million records
  • Protenus‘ numbers are significantly higher: 1,161 reports and 171,139,241 breached records. In 2022, the totals were respectively 1,138 reports affecting a total of 59,664,152 breached records. Breached records were up 187% in 2023.

The variance in reporting is due to factors including not knowing the true scope of the breach in reporting to HHS, state reports being incomplete, and business associate reports covering all or only some of their clients.

Also included in their report is a discussion on how HHS through the Office of Civil Rights (OCR) response to breaches contained in HHS’s 2022 annual report released last month. In investigating, they seem to prefer voluntary resolutions and corrective actions. Only three  resolution agreements with monetary penalties and corrective action plans were imposed.

The Protenus Breach Barometer report is available for free download here. DataBreaches.net collaborated with Protenus in the report.

Health execs’ wish list for 2017: security, analytics, pop health…and telehealth (US)

January 6, 2017 | by

[grow_thumb image=”https://telecareaware.com/wp-content/uploads/2017/01/2017-upgrade-HITN-survey.jpg” thumb_width=”200″ /]Healthcare IT News published the results of their October survey of 95 healthcare executives as to their forward plans (resolutions?) for 2017. It’s unsurprisingly centered on upgrades to the following areas:

  • Data security (52 percent)–definitely making up for lost time and spending due to the obvious threats from hacking and data breaches. In November alone, nearly two incidents a day (57) and over 458,000 records were reported by healthcare entities to HHS. (Protenus Breach Barometer)
  • Data analytics (51 percent)–figuring out what to do with all that patient data generated by….
  • Patient engagement and population health (44 percent each)–demanded by quality standards in CMS’ MACRA Quality Payment Program (QPP), including the Merit-Based Incentive Payment System (MIPS) and the Advanced Alternative Payment Models (APMs)
[grow_thumb image=”https://telecareaware.com/wp-content/uploads/2017/01/2017-introduce-investigate-HITN-survey.jpg” thumb_width=”200″ /]The surprises come here–the technologies they expect to introduce or investigate. Analytics and workflow correspond to the last two points above, but what is compelling is an apparent tipping point for technology which links the patient to care monitoring and access: telehealth (44 percent), smart medical devices (41 percent) and remote patient monitoring (34 percent). These overlap (as in telehealth and RPM require smart medical devices), yet these are strong numbers if they accurately reflect these execs’ actual (or eventual) spending. (Does it point to more clinically validated use of trackers like Fitbit? The Magic 8 Ball does not tell here….)

The presence of 2016-17’s ‘It Girl’, precision medicine (21 percent), which applies both data analytics and genomics to improve patient outcomes, isn’t surprising with the emphasis on quality care.

One can quibble that the sample size is small N, and the report doesn’t confirm the selection details like title, location, and type of organization, but the direction has to be cheering on many fronts. HITN’s overview, survey results (16 slides)