Health Care Sector Accounted for 15% of Calif. Data Breaches in 2013
The number of data breaches reported by the health care industry and other sectors in California increased by 28% from 2012 to 2013, according to an annual report released by California Attorney General Kamala Harris (D), the Sacramento Business Journal reports (Anderson, Sacramento Business Journal, 10/28).
Findings
Overall, the report found that there were a total of 298 breaches reported in the state in 2012 and 2013, including 167 last year (Attorney General report, October 2014).
Most of the breaches were caused by malware and hacking.
The breaches affected 18.5 million Californians -- up 600% from the 2.5 million affected by breaches in 2012 (Sacramento Business Journal, 10/28).
Details of Health Care Breaches
According to the report, 25 data breaches reported to the state attorney general's office in 2013 were within the health care sector, accounting for 15% of the total 167 breaches.
Health care breaches in 2013 affected 1.1 million records, accounting for 6% of total records affected by data breaches in the state last year.
The report also found that in the health care sector during 2012 and 2013:
- 70% of breaches were caused by physical theft or loss;
- 20% were caused by errors; and
- 9% were caused by malware and hacking.
More than 50% of breaches in the health care sector involved Social Security numbers, while 75% involved health information.
Recommendations
The report recommends that the health care sector "[c]onsistently use strong encryption to protect medical information on laptops and on other portable devices and should consider it for desktop computers."
It notes that full encryption is an "affordable solution" and should be applied to in-office computers, laptops and portable devices (Attorney General report, October 2014).
This is part of the California Healthline Daily Edition, a summary of health policy coverage from major news organizations. Sign up for an email subscription.