As the calendar year turned there were several great posts highlighting lessons learned in 2016 from notable HIPAA breaches and enforcement actions. It’s also useful to climb up out of the trees and view the forest. The HHS Office of Civil Rights publishes information each year on reported HIPAA security breaches affecting 500 or more persons, and this database offers a unique, multi-year dataset on such breaches of protected health information.
Here’s a forest-altitude look at significant HIPAA breaches suffered by healthcare providers (setting aside health plans and clearinghouses), looking for key trends emerging during the five years from 2012 to 2016.