The 10 largest healthcare data breaches of 2016

Hackers hit providers and a business associate to expose records of millions of patients.


Providers were among top targets for cyber attacks in 2016

Cyber attacks hit nine providers and a business associate in the 10 largest hacks of 2016. The number of records accessed were down significantly from 2015, when hackers were able to break into records of large insurers.

Here are the top 10 healthcare data breaches of 2016, according to the breach website maintained by the Office for Civil Rights of the Department of Health and Human Services. Providers that were hacked provided responses to the allegations of the breaches within stories that Health Data Management reported this year.



Banner Health

Phoenix, Ariz.

3.62 million affected individuals

The attack affected patients, health plan members and beneficiaries, providers, and even those who bought food and beverages with a payment card. The hackers hit a “limited” number of computer services as well as the computer systems that process food and beverage purchases.

Read the HDM story here.



NewKirk Products (business associate)

New York

3.47 million affected individuals

Newkirk, a vendor that issues identification cards for payers in the healthcare insurance industry, was hacked this summer.

Read the HDM story here.



21st Century Oncology Holdings

Ocala, Fla.

2.21 million affected individuals

The information was exposed following the hack of a network server in an incident believed to have occurred late in 2015 but only reported in the spring.

Read the HDM story here.



Valley Anesthesiology and Pain Consultants

Phoenix, Ariz.

882,590 affected individuals

The large practice, with more than 300 providers serving multiple hospitals across the greater Phoenix metropolitan area, was hacked through a network server.

Read the HDM story here.



Bon Secours Health System

Richmond, Va.

651,971 affected individuals

The integrated delivery system notified patients this summer after a business associate inadvertently made protected health information accessible via the Internet.

Read the HDM story here.



Peachtree Orthopaedic Clinic

Atlanta

531,000 affected individuals

Network server was hacked, with information on the attack released this fall. The organization acknowledged the breach in a notice on its web site on September 22.



Radiology Regional Center

Fort Myers, Fla.

483,063 affected individuals

Data was released following the loss of paper/film records from a truck.

Read the HDM story here.



California Correctional Healthcare Services

Elk Grove, Calif.

400,000 affected individuals

Protected health information was put at risk after the theft of a laptop computer.

Read the organization’s press release on the breach here.



Central Ohio Urology Group

Gahanna, Ohio

300,000 affected individuals

Information was accessed following the hack of an internal file server on the organization’s network.

Read the organization’s latest update on the incident here.



Premier Healthcare LLC

Bloomington, Ind.

205,748 affected individuals

Protected health information was put at risk after the theft of a laptop computer.

Read the HDM story here.



More for you

Loading data for hdm_tax_topic #care-team-experience...