Nearly 20 million patients had their personal and health information exposed in data breaches reported to the federal government in the first half of 2022, according to a Modern Healthcare analysis.
As of Tuesday, the Health and Human Services Department's Office for Civil Rights lists 338 breach reports submitted to the agency by healthcare providers, insurers and their business associates through the end of June. The tally represents the second-highest number of breach reports filed in the first half of a year, following last year's 368 reports.
A cyberattack at Shields Health Care Group in March is the largest incident reported so far this year, potentially compromising data on an estimated 2 million patients.
Four of the 10 largest data breaches were reported to the Office for Civil Rights last month, affecting more than 4 million patients. Healthcare entities governed by the Health Insurance Portability and Accountability Act must disclose data breaches within 60 days of discovering them, meaning some of the incidents reported in June may have occurred in April or earlier.