Nearly 350,000 patient data breaches reported since 2009

Since the Health Information Technology for Economic and Clinical Health Act (HITECH) was implemented in 2009, HHS' Office for Civil Rights (OCR) has received a total of 347,090 reports on breaches of patient data, according to a report published by Health Information Privacy/Security Alert.

Roughly 344,823 of those breaches affected fewer than 500 patients each, the report said. Of those breaches, 2,267 appeared on the OCR’s website, which features a publicly accessible data breach portal that displays HIPAA violations affecting more than 500 individuals.

HITECH was enacted as part of the American Recovery and Reinvestment Act of 2009 and was signed into law on February 17, 2009. HITECH was implemented to promote the adoption and meaningful use of health information technology and established the reporting rules associated with HIPAA violations.