Advertisement

Study finds large data breaches at U.S. hospitals

From 2009 to 2016 healthcare providers reported 1,225 of the total 1,798 data breaches in the United States, researchers at Michigan State University report.

By Amy Wallace

April 7 (UPI) -- Researchers at Michigan State University have found the personal data of patients may be at risk of data breaches in U.S. hospitals.

The study found nearly 1,800 incidences of large data breaches in patient information over a seven-year period from October 2009 to December 2016.

Advertisement

Researchers analyzed data from the U.S. Department of Health and Human Services on data breaches at hospitals and healthcare providers. Hospitals covered by the Health Insurance Portability and Accountability Act, or HIPPA, are required by law to report data breaches affecting 500 or more patients within 60 days to the Department of Health and Human Services.

The study found healthcare providers reported 1,225 of the 1,798 recorded data breaches with healthcare clearinghouses, health plans and business associates reported the remaining breaches.

Roughly 257 breaches were reported by 216 hospitals, and 33 hospitals reported experiencing more than one breach -- including several at large teaching hospitals.

"Our findings underscore the critical need for increased data protection in the health care industry," Xuefeng Jlang, an associate professor of accounting at Michigan State, said in a press release. "While the law requires health care professionals and systems to cross-share patient data, the more people who can access data, the less secure it is."

Advertisement

The study was published in JAMA Internal Medicine.

Latest Headlines