March 2017 saw a 1.5 million spike in lost or stolen medical records
data protection

March 2017 saw a 1.5 million spike in lost or stolen medical records

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Protenus, a company who protect patient privacy in the U.S., compiles a monthly report on data breaches called the Protenus Breach Barometer (PBR) using data provided by It analyses all breaches reported to the Department of Health and Human Services (HSS) in the U.S or to the media in 2017.

Looking at breaches that compromised healthcare records for the past few months in 2017, January and February seemed relatively quiet with 388,000 and 200,000 patient records respectively. However, when compared to the massive spike of 1,519,521 compromised patient records in March, it makes the previous figures look insignificant.

The spike in compromised records unsurprisingly came from an increased number of breach incidents. January and February had 31 breaches whereas March saw 39. What was surprising was that 44% of the data breach incidents were internal. This could be harmless administrative errors or malicious insider attacks. Needless to say, healthcare organisations not only need to protect the data they hold from 3rd party attacks like hackers, but they also need to make sure it is secure enough so that employees can’t trip up and cause a breach.

In a recent study published by the Journal of American Medical Association, they found that healthcare providers are increasingly easy targets for hackers. The study, headed by Assistant Professor Ge Bai, found that the larger the healthcare provider or teaching hospital, the more data breaches. In the study, the researchers compared hospitals with breaches against hospitals who had not been breached between 2009 and 2016. They found that the average number of beds a breached hospital had was 262, whereas their breach-free counterparts were at almost half the size with only 134 beds.

The healthcare industry has the highest percentage of data breaches

Healthcare providers are holding onto their spotlight as the ones with the highest percentage of data breaches. This March, they were responsible for 84.6% of breaches.

Although this isn’t a great improvement from the previous months (February held 77%), researchers are concerned with the shift in where the breaches came from. In March, only 3% of patient records were due to a third party. In an industry where doctors and physicians need to access patients records immediately as a matter of life and death, internal security is probably not at its highest. This compromise of easy access and security is a risky balance healthcare providers are playing with. Without necessary security measures, administrative errors are easily caused with significant consequences.

In the past year or so, there has also been the trend of data ransoming. With large databases of sensitive patient information, healthcare providers are a clear target for hackers and fraudsters. Hospitals and other healthcare providers may be in need of a security overhaul to protect patient’s information and their lives.

Some improvements

On a lighter note, the PBR reported an improvement with the time it took for healthcare organisations to report data breaches to the HSS. Although, probably due to extreme cases, the average time it took for incidents to be reported in February was 47 days. In March, they saw a drastic reduction with an average of only 45 days. The HHS usually requires that data breaches are reported to them within 60 days.

In a modern world where we all need access to information quickly, security measures seem to always be a step behind. New apps and portals for easy and fast information access makes it easy for users to accidentally breach data. Hackers and other malicious third parties are following this trend to their advantage. Why go to the trouble of planning and carrying out a robbery in a secure facility when you can hack a company’s unsecure database and ransom the important and sensitive information with a few clicks from the comfort of your own home?

Start Your Claim

You can call our claims team free from a landline or mobile on 0800 634 7575 or click on the link below to create a call back with one of our expert Data Claims team.Information on how we handle your data is available in our Privacy Policy.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Contact is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon