In January, 61 data breaches of 500 or more records were reported to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR), which is a 22% month-over-month reduction in reported data breaches, with data breaches falling to two below the monthly average of 63 data breaches a month. While the reduction in data breaches is good news, January is typically a relatively quiet month for healthcare data breaches, and January’s figures are 45% higher than January 2023.
Thank you for reading this post, don't forget to subscribe!For the second consecutive month, there was a fall in the number of breached records with 8,800,875 healthcare records breached in January. As with the number of reported breaches, the reduction is good news but the number of breached records is much higher than in previous years.
Further, in January 2024, 4 cyberattacks were reported to OCR where the total number of records involved has yet to be determined. To meet the reporting requirements of the HIPAA Breach Notification Rule – which requires data breaches to be reported within 60 days of discovery – those four data breaches were reported using a placeholder of 500 or 501 records. January’s total will therefore be considerably higher.