More than 19 million electronic health records (EHRs) in the U.S. have been affected by security breaches since August 2009, the date when reporting of such incidents became mandatory. In 2011, the number of total records breached increased by 97% compared to 2010, according to a report published by Redspin.
The IT security assessment firm's "2011 Breach Report/Protected Health Information" report called the problem a national epidemic, noting that at least one large IT data breach incident has been reported in 46 of the country's 50 states.
Almost 40% of all electronic record breaches occurred on a laptop computer or other portable media. The numbers of records breached due to loss of unencrypted devices by employees increased 525% in 2011. The report stated that the problem is likely to get worse because smartphones and mobile tablets are now in use in 80% of healthcare organizations.
Sixty percent of all breaches were the result of malicious intent, including hacker attacks, "insider IT incidents," and theft.