Data Loss Prevention Blog

Survey Says: 2016 was a record year for HIPAA data compliance breaches

According to a recent analysis of 450 data breach incidents reported to the U.S Department of Health and Human Services or disclosed in the media, 2016 was another record year for HIPAA data compliance breaches.

The study was completed by the healthcare analytics company, Protenus, and it showed that over 27 million patient records were compromised in 2016, which is the most ever recorded in a single year.

And it should come as no surprise that 43% of the 2016 health data breaches (192 incidents) were a result of trusted insiders. 99 of these incidents were a result of an insider-error or accident, while 91 incidents were a result of wrongdoing. (In two cases, there wasnt enough information to determine the cause).

  • Providing solutions to combat Insider threats to confidential data, either accidental or malicious, is what DeviceLock has been focused on delivering for over 20 years.

The study also provides an ominous warning and prediction: We predict that 2017 will be the Year of Insider Breach Awareness, with organizations realizing that this constant and significant problem has gone unaddressed for too long the healthcare industry should prepare for an increase in insider health data breaches until organizations further require additional training and utilize technology to detect inappropriate accesses to the medical record, further reducing their breach risk.

Endpoint data leak prevention (DLP) is a critical part of any strategy to stop HIPAA data breaches. Why? The answer is simple: endpoints are where the bulk of insider data breaches occur.

The good news is that an effective endpoint DLP solution can be implemented in days/weeks and not take months/years. And it doesnt require a complex internal process, expensive VAR/vendor services, or endless analyst meetings to get up and running.

DeviceLock DLP is already used by healthcare organizations around the world, and in fact, a major HIPAA compliance organization in the US has deployed it across all their endpoints (numbering in the several thousands).

  • Weve created a short piece on how DeviceLock DLP can help you stop data breaches and work toward achieving HIPAA compliance, including device/port control, content filtering, network protocol endpoint security, and content eDiscovery. Click here to read it.

HIPAA data breaches are showing no sign of slowing down in 2017, so If implementing endpoint DLP is not on your current IT project schedule, then its time to make it a TOP priority. The potential fines/loss of reputation of a data breach absolutely swamp the costs of deploying a best of breed endpoint DLP solution like DeviceLock.

If youd like to trial the DeviceLock DLP Suite for 30 days, please visit our website at: For more information on DeviceLocks DLP solutions, call us at 925-231-4400 or email to us.sales (at) to talk to one of our endpoint security specialists.