An analysis of five years of data from a database of major breaches affecting at least 500 individuals finds that in 2016 the reporting of such breaches exceeded 300 for the first time.
The analysis of the database, operated by the Office for Civil Rights for the Department of Health and Human Services, comes from Safetica North America. It found that well-intended clinicians sharing data results in a 10 percent breach growth rate annually, and this sharing is the primary driver of breaches, says Luke Walling, general manager at Safetica, a data loss prevention vendor operating in Europe for seven years that launched operations in the U.S. in September.
When the 10 percent of well-intended sharing is combined with other incidents of unauthorized access and disclosure, that category accounted for 41.5 percent of breaches during 2016, compared with 25 percent in 2014. Hacking accounted for nearly 32 percent this year, compared with 14 percent of incidents in 2014. Other breach rates in 2016 included theft (19 percent), loss (5.4 percent) and improper disposal (2.3 percent).
“Employees or associates accessing and sharing data they should not—or disclosing it to people they should not—was the single biggest breach factor this year,” according to the analysis.
As 2016 draws to a close, 15.2 million records have been compromised. That’s is a lot, but the 2015 number was 113.