Interesting article in JAMA last week, that looked at the annual breach volumes of different HIPAA entity types, based on a review of public data between 2010 and 2017. It turns out that Health Care provider entity types were most under attack. However, despite a much smaller volume of attacks, Health plans have a cumulative number of records breached from 2010 to 2017 surpassing 110 million, compared to Health Care providers at 37 million cumulative records breached, and Business Associates with 28 million cumulative records breached.
Across all provider entity types, the largest share of breached records were stolen from network servers (139 million or 79%), and the most common breach type was hacking. Until only recently, Business associate entity types were once the leading source of breached data, but that changed in 2015 when Health plans lost over 100 million records. Review the entire article here.