More than 29 million U.S. health records were compromised in data breaches between 2010 and 2013, according to a study published this week in the Journal of the American Medical Association (JAMA).
The researchers from Kaiser Permanente and Stanford University used a government database to study 949 data breaches during that four-year period that involved unencrypted health data, including personally identifiable information.The researchers included only incidents that affected 500 individuals or more — so they warned the study "likely underestimated the true number of health care data breaches occurring each year."
About two-thirds of these health breaches involved electronic data, often stored on a laptop or other portable device, and more than 58 percent of the breaches happened via theft.
Breaches carried out by hacking are on a scary rise: That figure jumped from about 12 percent of breaches in 2010 to more than 27 percent in 2013.
The 29.1 million health records involved in the breaches studied don't necessarily mean 29.1 million individuals were affected, the researchers noted, as some people may have been breached multiple times and some records may be duplicates.
But the figure is still high enough to scare the JAMA staff, who published an editorial based on the study's findings. The editorial began bluntly: "The personal health information of patients in the United States is not safe, and it needs to be."
Who Owns Your Health Data?May 12, 201400:02
- Anthem Hack: Credit Monitoring Won't Catch Medical Identity Theft
- Premera Blue Cross Hacked: 11 Million Customers Could Be Affected
- Apple Launches "ResearchKit" for Medical Studies