The Paubox HIPAA Breach Report analyzes protected health information (PHI) breaches affecting 500 or more people as reported to the Department of Health & Human Services (HHS) in April 2022.
This report covers:
- HIPAA breaches ranked by people affected
- HIPAA breaches ranked by occurrence
- Year over year comparison
- Takeaways
- Full data
HIPAA breaches ranked by people affected
Most common breaches by type
- Network server breaches affected the most people in April 2022. 1,664,560 individuals had their data breached.
- Email breaches were the second most common breach, with 253,012 people affected.
- Electronic medical record breaches affected 81,260 breaches, the third most common breach type.
HIPAA breaches ranked by occurrence
Most common breach types
- Network server was the most common attack vector in April 2022. There were 22 network server breaches.
- Email breaches were the second most common attack vector; 15 attacks via email were reported.
- Electronic medical record breaches were reported seven times last month.
Year over year comparison
These charts compare the HIPAA data breach statistics from previous Paubox HIPAA Breach Reports with this month’s report.
HIPAA breaches ranked by people affected
What we observe
- Network server, email, and paper/films breaches affected most people overall in April 2018 – 2022.
- Network server breaches affected a total of 4,001,892 people in these months.
- Email breaches affected 1,179,371 people, and paper/films breaches affected 654,183.
HIPAA breaches ranked by occurrence
What we observe
- Email, network server, and paper/films breach types were the most common attack vectors in April 2018-2022.
- Email breaches occurred 80 total times.
- Network server breaches occurred a total of 67 times, and paper/films types occurred 28 times.
- The most significant number of email breaches happened in April 2019.
Takeaways
Network server breaches affected the most people in April 2022. Adaptive Health Integrations had the most significant breach that affected 510,574 people. ARcare had the second-largest breach that affected 345,353 people.
The yearly comparison shows that email breaches were the most popular attack vectors for bad actors over the last five April months. Over 1 million total individuals had their data breached via 80 network server breaches during this time.
Full data
Click here to view the HHS’ raw data via Google Sheets.
About the Paubox HIPAA Breach Report
The Paubox HIPAA Breach Report analyzes recent PHI breaches that affected 500 or more individuals, as reported on the HHS Wall of Shame in April 2022.