Healthcare Remains Top Target in 2022 ITRC Breach Report

January 25, 2023

2 Min Read

PRESS RELEASE

NEW YORK, Jan. 25, 2023 /PRNewswire/ -- At least 344 organizations in the healthcare industry suffered data breaches in 2022, according to a just-released report from the Identity Theft Research Center® (ITRC). This is the third year in a row that healthcare organizations led all industries in the number of data compromises.

Healthcare organizations represented 19 percent of the 1,802 breaches reported in the 2022 ITRC report, with Financial Services (268), Manufacturing and Utilities (249), and Professional Services (224) following behind. In 2021, 15 percent of the breaches tracked by ITRC affected healthcare companies.

Cyberattacks continued to be criminals' weapons of choice, with 1,595 breaches in 2022, a slight decrease from 1,613 in 2021 with drops year-over-year in the number of breaches attributed to phishing, ransomware, and malware.

Supply chain attacks outstripped malware attacks in 2022, with 115 instances affecting 1,743 organizations and at least 10 million people. Healthcare organizations were hit particularly hard by supply chain attacks as eight of the 12 supply chain breaches cited in the report affected business associates of healthcare organizations or health insurance companies.

The breaches listed below reinforce the importance of having well-crafted business associate agreements with vendors to limit liability and maintain HIPAA compliance.

  • Shields Health Care Group, Inc.: 56 Entities; 1,804,069 Victims

  • Eye Care Leaders: 37 Entities; 3,372,880 Victims

  • Practice Resources, LLC: 28 Entities; 942,138 Victims

  • MCG Health, LLC: 10 Entities; 793,283 Victims

  • Comstar, LLC: 2 Entities; 585,621 Victims

  • Adaptive Health Integrations: 1 Entity; 510,574 Victims

  • Connexin Software, Inc.: 1 Entity; 2,216,365 Victims

"Breaches like the ones affecting the business associates listed above illustrate why HIPAA Compliance must be the foundation upon which you build your privacy and security strategy," said Marc Haskelson, the CEO of Compliancy Group, the leading provider of automated HIPAA compliance solutions for healthcare organizations. "It is impossible to prevent every data breach, especially when it happens outside of your organization, but HIPAA compliance can limit your liability and expose potential problems with suppliers through the due diligence that takes place while forging a business associate agreement.

About Compliancy Group

Compliancy Group gives healthcare professionals confidence in their compliance plan, increasing client loyalty, and profitability of their business while reducing risk. Their simplified software solution, and Compliance Coach® guidance, help organizations achieve HIPAA compliance with ease. Get compliant today!

SOURCE Compliancy Group

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights