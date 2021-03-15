BALTIMORE, March 15, 2021 /PRNewswire/ -- Over 40 million patient records were breached in 2020, according to new data released today in the Protenus Breach Barometer®. Published by Protenus, a healthcare compliance analytics company that protects patient data for the nation's leading health systems, the Breach Barometer is the industry's definitive source for health data breach reporting.

Hospitals and health systems experienced unprecedented challenges as they grappled to get a handle on the varying components and associated effects of COVID-19. One ramification was the increase in breaches to patient data. There were 758 reported health data breaches in 2020, increasing from 572 reported in 2019. A new trend of at least two health data breaches per day has also emerged, increasing from the trend of one breach per day reported since 2016.

The single largest breach reported in 2020 was the result of a hacking incident involving ransomware. The incident involved a large Catholic health system and its philanthropic data vendor, Blackbaud. The hackers gained access to the health system's donor database and were able to partially remove donor information that included date of birth, inpatient/outpatient status, contact information, and other sensitive patient information. This hacking incident affected 3,320,726 patient records.

Insiders continue to pose significant risk to patient trust and can be costly for affected institutions. In one incident, a New York-based medical center began notifying patients in January that an employee illegally accessed electronic health records and viewed clinical information, including test results and diagnoses. Though the motive for snooping wasn't disclosed, the incident occurred from June to November 2020, as COVID-19 cases were surging.

