Looking for a Business Associate Agreement? Download our FREE starter template.
Total HIPAA Logo

California and a Whole Lot of Breaching Going On

In 2013, the California healthcare sector had a bad year! They were responsible for 15% of the breaches by industry and 6% of the total number of records breached… 6%, that’s not so bad for total numbers, right? I mean the retail sector had 15.6 million records breached so 6% isn’t that many? Try 1.5 million records breached in 2013. That’s right 1.5 million!

California has the 8th largest economy in the world with over 38 million consumers, and according to their recent Data Breach Report, they had 17% of the 2013 data breaches that occurred in the entire US.

18.5 million is the total number of records in California that were reported breached for 2013. This was a huge increase from 2012 to 2013… how big you say? Well, in 2012 they had 2.6 million breaches so, after crunching the numbers, that’s a 600% increase from 2012 to 2013!

What went wrong here?

Most of this increase was attributed to two major retailer breaches… including the infamous Target Breach and the LivingSocial cyber attack that compromised the names, email addresses, and some passwords.

In the California healthcare sector, what is most frustrating is the way the records were released. 70% were what the California report calls physical breaches.  This is computers, portable media, mobile devices, etc., that were stolen and not encrypted. NOT ENCRYPTED…

I’m beating my head against my desk right now. I’ve been on my soapbox about this for the last 2 years. Encryption is required under HIPAA, and people, it’s not that hard!

If you remove the LivingSocial and the Target Breach from the data set, healthcare loses big time! Hypothetically, let’s just say you take those 2 large breaches out of the equation; you’re left with 3.5 million records that were breached. This means healthcare was responsible for roughly 43% (42.8571% if you want to be really accurate)

The sad part is 70% of the California healthcare breaches were preventable. If the devices involved had been encrypted and password protected, there wouldn’t have been a breach! That’s over 1 million records that would have been protected if the healthcare sector would do their job, and encrypt those computers… (Beating head against desk again)

Well, you ask, isn’t encrypting computers hard?

NO! Computers today will take care of all this heavy lifting for you. If you’re on a PC and using Windows 7 Ultimate or Enterprise or Windows 8, there is a program called BitLocker. It’s free… turn it on! (Windows 7 Starter, Home Basic, Home Premium, and Professional don’t have BitLocker built in, and if you’re using XP you needed to fix that 6 months ago!) If you’re on a Mac, the encryption program is called FileVault2… again, turn it on. It’s FREE!

With processors today, encryption won’t slow your computer down, and it might save you and your practice or company a major headache, as well as some serious fines! Also, make sure you have your device’s password protected with a difficult password. Encryption doesn’t mean a thing if you don’t have a strong password! Here is our blog to help you with passwords if you have any questions.

HIPAA has been around for a long time here, folks, and there is no excuse for your desktop, laptops, mobile devices, backup drives, etc. to not be encrypted and password protected!

Sharing is caring!


Looking for a Business Associate Agreement?

Download our free template to get started on your path toward HIPAA compliance.

Download Now

Let's keep in touch

Stay up to date on the latest HIPAA news, plus receive tons of free tools and info.

Navigating HIPAA Compliance in 2023

Watch the recording of this webinar to learn more about how you can become and stay HIPAA compliant!


Related Posts

What is Access Control in terms of HIPAA?

What is Access Control in terms of HIPAA?

Access control, in terms of cybersecurity, refers to the practice of managing and regulating who can access specific resources, systems, or data within an organization's network or information...

Comparing HIPAA and NIST

Comparing HIPAA and NIST

In the ever-evolving landscape of data security and privacy, two key frameworks have emerged as significant players: HIPAA and NIST. Both emphasize the importance of safeguarding sensitive...

Save & Share Cart
Your Shopping Cart will be saved and you'll be given a link. You, or anyone with the link, can use it to retrieve your Cart at any time.
Back Save & Share Cart
Your Shopping Cart will be saved with Product pictures and information, and Cart Totals. Then send it to yourself, or a friend, with a link to retrieve it at any time.
Your cart email sent successfully :)