2012 HIPAA Violations and Audits

Posted 7.5.12 by

The following statistics are from HHS’s infamous Wall of Shame (website posting of all unencrypted breaches affecting over 500 individuals).

In August, I wrote a blog post on 2011 HIPAA Violations and Audits and created an infographic representing the type of breach by percentages. Now over a year later, it’s time for an update on the distribution of breach types.

April Sage, Online Tech Director of Healthcare Vertical and Marketing compiled the following statistics from HHS’s infamous Wall of Shame (website posting of all unencrypted breaches affecting over 500 individuals):

  • 39.1% Theft
  • 36.3% Loss
  • 9.4% Unknown
  • 8.6% Hacking/IT Incident
  • 5.8% Unauthorized Access
  • 0.8% Improper Disposal
2012 HIPAA Violations Update

2012 HIPAA Violations Update


While the greatest type of breach involved theft, what type of media was involved in the breach? Somewhat surprising is the prevalence of backup tapes, ranking the highest at 32.6%.

Next up was EMRs (electronic medical record systems) at 13.9%, and close behind in third came network servers at 13.1%. Other types of media involved included:

  • 12.7% Computer
  • 10.4% Laptop
  • 8.4% Electronic Device
  • 5.3% Desktop Computer
  • 3.5% Paper

The loss or theft of backup tapes can be easily avoided by employing an offsite backup solution that doesn’t involve tapes, or is encrypted.

Encryption is just one recommended best practice – get the complete list of HIPAA hosting requirements to meet HIPAA compliance, as well as what to look for in a HIPAA compliant data center by reading our white paper.

Or sign up for our upcoming webinar to find out how to balance security, compliance and healthcare mobility with cloud computing: Overcoming Cloud-Based Mobility Challenges in Healthcare

Recommended Reading:
What is a HIPAA Violation?
Sharing PHI Data? Legal Implications of BAAs & Avoiding HIPAA Pitfalls
OCR Audit Requirements Following a Self-Reported HIPAA Breach

About Otava

Otava provides the secure, compliant hybrid cloud solutions demanded by service providers, channel partners and enterprise clients in compliance-sensitive industries. By actively aggregating best-of-breed cloud companies and investing in people, tools, and processes, Otava’s global footprint continues to expand. The company provides its customers in highly regulated disciplines with a clear path to transformation through its effective solutions and broad portfolio of hybrid cloud, data protection, disaster recovery, security and colocation services, all championed by an exceptional support team. Learn more at www.otava.com.

Get in touch with an Otava Rep today – just provide us with a bit of information below to get started and we’ll reach out to you shortly!