A new Breach Barometer Special Report: Third Party Breaches published by Databreaches.net in collaboration with Protenus highlights that more than 30 percent of patient data breaches are a direct result of third-parties. Community physicians, affiliates, and certain vendors often have extensive access to patient data in the electronic health record (EHR). This increase in the number of users who have EHR access creates a huge vulnerability for healthcare systems and a headache for compliance teams. While vendors are often long-time trusted partners, relationships that add a large number of new EHR users or provide vendor employees with access to patient data create significant patient privacy monitoring challenges.

The Protenus team was deeply honored and humbled when we received the 2016 HPE-IAPP Privacy Innovation Award for Technology. There is no greater privilege than to be recognized by your peers for making real contributions to enhancing patient privacy.

Headlines about data breaches are all too common recently, with large companies like Target and Home Depot experiencing large-scale data breaches. The healthcare industry was hit particularly hard in the past few years, with organizations like Anthem Inc. and St. Joseph Health System, to name but two, suffering massive health data breaches.

The number of breached records reported in August totals an unsettling 8,804,608. While this total does not exceed the staggering 11 million records we reported in June, it once again demonstrates that PHI breaches continue to be a huge problem for a wide array of institutions.  Even more troubling, one breach reported this month began in 2008, taking more than eight years to be publicly reported.

The Protenus Breach Barometer is a monthly snapshot of reported or disclosed breaches impacting the healthcare industry, with data compiled and provided by DataBreaches.net.

Sign-up to be one of the first to receive our Breach Barometer each month.

Being HIPAA-compliant has been a hot topic among healthcare organizations ever since HHS published the HIPAA Security Rule on February 20, 2003. The Security Rule established the standards a healthcare organization had to meet in order to comply with rules set in place to better protect patient privacy. The sad truth is, however, that many organizations do not meet these standards, and now, with healthcare data breaches on the rise, it is more important than ever for organizations to take proactive measures to protect the privacy of their patients.

Download the Protenus Privacy Primer to view the full spectrum of privacy postures in healthcare today and see how your organization is stacking up.