Patients most frequently interact with doctors, nurses, and allied health professionals, making it easy for them to forget about all of the other people that go into running a hospital. Among the many unseen activities that go on in healthcare, hospitals need teams managing patient data, submitting insurance billing, maintaining legal compliance in clinical trials, and ordering medical supplies, in order to properly operate. Compliance teams can work with patients to help them better understand how the healthcare organizations they visit monitor and protect their electronic protected health information (ePHI).

A new Breach Barometer Special Report: Third Party Breaches published by Databreaches.net in collaboration with Protenus highlights that more than 30 percent of patient data breaches are a direct result of third-parties. Community physicians, affiliates, and certain vendors often have extensive access to patient data in the electronic health record (EHR). This increase in the number of users who have EHR access creates a huge vulnerability for healthcare systems and a headache for compliance teams. While vendors are often long-time trusted partners, relationships that add a large number of new EHR users or provide vendor employees with access to patient data create significant patient privacy monitoring challenges.

The Protenus team was deeply honored and humbled when we received the 2016 HPE-IAPP Privacy Innovation Award for Technology. There is no greater privilege than to be recognized by your peers for making real contributions to enhancing patient privacy.

Headlines about data breaches are all too common recently, with large companies like Target and Home Depot experiencing large-scale data breaches. The healthcare industry was hit particularly hard in the past few years, with organizations like Anthem Inc. and St. Joseph Health System, to name but two, suffering massive health data breaches.

The number of breached records reported in August totals an unsettling 8,804,608. While this total does not exceed the staggering 11 million records we reported in June, it once again demonstrates that PHI breaches continue to be a huge problem for a wide array of institutions.  Even more troubling, one breach reported this month began in 2008, taking more than eight years to be publicly reported.

The Protenus Breach Barometer is a monthly snapshot of reported or disclosed breaches impacting the healthcare industry, with data compiled and provided by DataBreaches.net.

Sign-up to be one of the first to receive our Breach Barometer each month.