(HealthDay News) — Breaches in data security exposed more than 29 million health records to potential criminal misuse between 2010 and 2013, according to a new study. Security breaches involving hacking have nearly doubled in recent years, rising to 8.7% in 2013 compared with 4.7% in 2010, according to the study, published as a research letter in the April 14 issue of the Journal of the American Medical Association.
Vincent Liu, M.D., a research scientist with the Kaiser Permanente Division of Research in Oakland, and colleagues evaluated an online database maintained by the U.S. Department of Health and Human Services that lists data breaches of unencrypted health information, as reported by health plans and physicians under the Health Insurance Portability and Accountability Act, or HIPAA.
The study authors identified 949 breaches affecting 29.1 million records. 6 breaches involved more than 1 million records each, and the number of reported breaches increased over time, rising from 214 in 2010 to 265 in 2013. Breaches were reported in every state. But 5 states — California, Florida, Illinois, New York, and Texas — accounted for 34% of all breaches.
2/3 of data breaches occurred via electronic media — either through theft of a laptop or tablet computer or unauthorized access to records through e-mail, a computer terminal, or network server, the researchers said. Only 22% of the breaches involved paper records.