Blog | Protenus

Key Takeaways from the 2023 Breach Barometer Report

In 2022, hackers redoubled efforts to exploit ongoing healthcare industry disruption, Business Associate/Third-Party breaches wreaked havoc, and insider error compromised millions of patient records. Read proprietary analysis and insight behind the 2022 healthcare data breach stats here. 

These are some of the key findings contained in the 2023 Protenus Breach Barometer®, a retrospective report of health data breaches that occurred in 2022. The number of reported health data breaches has risen every year since Protenus began publishing the Breach Barometer in 2016.

Download the 2023 Breach Barometer® for the latest insights on how data breaches are impacting the healthcare industry.

The latest Breach Barometer is based on 956 health data breaches reported to HHS, the media, or some other source in 2022, which represented a 5% increase from the 905 breaches reported in 2021. However, the number of total patient records affected in 2022 increased 18% year over year. Data on patient impact was available for 740 of the incidents in 2022, which compromised more than 59.7 million patient records.

These numbers only reflect incidents that have been detected and reported, and HHS only requires reporting of breaches that affect more than 500 patients. Therefore, the full picture is likely much more serious. 

Hacks climb for 7th consecutive year

Hacking incidents increased for the seventh year in a row, with the number of public reports up 5% from 2021. 


Hacking incidents, which include ransomware/malware incidents, phishing/email incidents, or other kinds of attacks by external actors, accounted for approximately 75% of all reports compiled by and Protenus in 2022, and violated 51.4 million patient records in total. This category represents 86% of all breached records during the year, illustrating the enormous damage that hackers cause.

Healthcare organizations must heed the warnings to update their outdated legacy systems and invest in a proactive risk-reduction strategy to protect the patients they serve. Doing so mitigates the possibility of financial penalties and disruptions but most importantly prevents the erosion of patient trust, a huge blow to any organization.

Patient records affected by insider error skyrocket 141%

With 113 new insider incidents recorded throughout the year, insiders were responsible for 12% of the total number of breaches in 2022 — about the same as in 2021. However, insider error compromised 141% more patient records year over year.

It's critical to note that insider incidents often provide a foothold for improper access to patient data in incidents ultimately reported as hacking-related. If a healthcare worker clicks a malicious email link enabling hackers to access millions of records, the incident may be reported as a ransomware attack but insider error provided entry. 

Insider behavior may have inadvertently aided the hackers that breached 86% of all patient records in 2022, making the overall number of insider incidents vastly under-represented.

The alarming vulnerabilities insider behaviors can create should never be underestimated.

Not a matter of if or when, but how severe

Healthcare’s ever-increasing reliance on technology and critical need for thousands of workers to access massive volumes of patient data every day will drive these trends and make patient information all that more vulnerable. 

It’s not a question of if or when a health data breach will happen — it's how severe will the impacts be on your organization's finances, reputation, and more importantly, your patients' safety.

Protecting the delivery of care and driving the safest patient outcomes are the ultimate responsibility of healthcare organizations. Prioritizing investment in modern technology that offers real-time breach detection and prevention by monitoring every single access to patient data every day over outdated, report-based legacy systems is the only way to better protect patients and mitigate risk organization-wide.

Read the 2023 Breach Barometer here


Subscribe by email