Nearly 1,000 major security breaches occurred from 2015 to 2017, exposing more than 135 million healthcare records and the sensitive data of more than 41 percent of the U.S. population, HIPAA Journal reports.
The worst year for healthcare security incidents — in terms of the number of breaches reported — was 2017, with two breaches involving more than half a million records.
Here are the 15 largest breaches in the last three years, and the number of records compromised.
1. Anthem Affiliated Covered Entity (2015): 78,800,000
2. Premera Blue Cross (2015): 11,000,000
3. Excellus Health Plan (2015): 10,000,000
4. UC Los Angeles Health (2015): 4,500,000
5. Medical Informatics Engineering (2015): 3,900,000
6. Banner Health (Phoenix) (2016): 3,620,000
7. Newkirk Products. (2016): 3,466,120
8. 21st Century Oncology (Fort Myers, Fla.) (2016): 2,213,597
9. CareFirst BlueCross BlueShield (2015): 1,100,000
10. Valley Anesthesiology and Pain Consultants (Phoenix) (2016): 882,590
11. County of Los Angeles Departments of Health and Mental Health (2016): 749,017
12. Commonwealth Health Corp. (Bowling Green, Ky.) (2017): 697,800
13. Virginia Department of Medical Assistance Services (2015): 697,586
14. Bon Secours Health System (Marriottsville, Md.) (2016): 651,971
15. Georgia Department of Community Health (2015): 557,779