The 10 largest healthcare data breaches of 2016
Hackers hit providers and a business associate to expose records of millions of patients.
Providers were among top targets for cyber attacks in 2016
Cyber attacks hit nine providers and a business associate in the 10 largest hacks of 2016. The number of records accessed were down significantly from 2015, when hackers were able to break into records of large insurers.
Here are the top 10 healthcare data breaches of 2016, according to the breach website maintained by the Office for Civil Rights of the Department of Health and Human Services. Providers that were hacked provided responses to the allegations of the breaches within stories that Health Data Management reported this year.
Banner Health
Phoenix, Ariz.
3.62 million affected individuals
The attack affected patients, health plan members and beneficiaries, providers, and even those who bought food and beverages with a payment card. The hackers hit a “limited” number of computer services as well as the computer systems that process food and beverage purchases.
Read the HDM story here.
NewKirk Products (business associate)
New York
3.47 million affected individuals
Newkirk, a vendor that issues identification cards for payers in the healthcare insurance industry, was hacked this summer.
Read the HDM story here.
21st Century Oncology Holdings
Ocala, Fla.
2.21 million affected individuals
The information was exposed following the hack of a network server in an incident believed to have occurred late in 2015 but only reported in the spring.
Read the HDM story here.
Valley Anesthesiology and Pain Consultants
Phoenix, Ariz.
882,590 affected individuals
The large practice, with more than 300 providers serving multiple hospitals across the greater Phoenix metropolitan area, was hacked through a network server.
Read the HDM story here.
Bon Secours Health System
Richmond, Va.
651,971 affected individuals
The integrated delivery system notified patients this summer after a business associate inadvertently made protected health information accessible via the Internet.
Read the HDM story here.
Peachtree Orthopaedic Clinic
Atlanta
531,000 affected individuals
Network server was hacked, with information on the attack released this fall. The organization acknowledged the breach in a notice on its web site on September 22.
Radiology Regional Center
Fort Myers, Fla.
483,063 affected individuals
Data was released following the loss of paper/film records from a truck.
Read the HDM story here.
California Correctional Healthcare Services
Elk Grove, Calif.
400,000 affected individuals
Protected health information was put at risk after the theft of a laptop computer.
Read the organization’s press release on the breach here.
Central Ohio Urology Group
Gahanna, Ohio
300,000 affected individuals
Information was accessed following the hack of an internal file server on the organization’s network.
Read the organization’s latest update on the incident here.
Premier Healthcare LLC
Bloomington, Ind.
205,748 affected individuals
Protected health information was put at risk after the theft of a laptop computer.
Read the HDM story here.