Skip to main content 
Healthcare Data Breaches
Healthcare Data Breaches: What to Do if Your Medical Info Is Exposed
- The Fee Is Free™. Only pay if we win.
- America's Largest Injury Law Firm
- Protecting Families Since 1988
- $15 Billion+ Won
- 800+ Lawyers Nationwide
Free Case Evaluation
Porter Ranch Gas Leak
Jacob T. Rodgers v. City of Gainesville D/B/A Gainesville Regional Utilities
Estate of Frank Townsend v. RJ Reynolds, et al.
Morgan Stanley Data Security Litigation
Stephen Davis v. Levon Clark, Ricardo Williams, Marty Grifka and Derek Pak
McAdams v. Monier Lifetile, LLC
Coleman v. Martinez
Gold v. Lumber Liquidators
Clemmons v. ECORE et. al, Philadelphia County
Brink v. Ruiz
The attorneys featured above are licensed in Florida. For a full list of attorneys in your state please visit our attorney page.
Healthcare Data Breaches: What to Do if Your Medical Info Is Exposed
Cyberattacks and data breaches have been up to across the board since COVID-19 drove our lives increasingly online. But when it comes to the unauthorized disclosure of personal information, the healthcare industry is in a class of its own.
Over the last decade-plus, the healthcare sector has experienced more data breaches than any other sector. This trend has only accelerated in recent years, with healthcare data breaches rising more than 25% last year.
Digital healthcare is promoted as facilitating patient care and providing more cost-effective services. However, vulnerabilities in digital health systems allow bad actors to breach cyber defenses and gain access to sensitive patient data. You don’t have much control over your health data once it is in the system. You do have control over what happens after a healthcare data breach. If your health records were compromised, contact the award-winning data privacy attorneys at Morgan & Morgan.
How it works
It's easy to get started.
The Fee Is Free™. Only pay if we win.
Results may vary depending on your particular facts and legal circumstances.
Step 1
Submit
your claimWith a free case evaluation, submitting your case is easy with Morgan & Morgan.
Step 2
We take
actionOur dedicated team gets to work investigating your claim.
Step 3
We fight
for youIf we take on the case, our team fights to get you the results you deserve.
Client success
stories that inspire and drive change
Explore over 55,000 5-star reviews and 800 client testimonials to discover why people trust Morgan & Morgan.
Results may vary depending on your particular facts and legal circumstances.
Get answers to commonly asked questions about our legal services and learn how we may assist you with your case.
Healthcare Data Breaches FAQs
How Common Are Healthcare Data Breaches?
The healthcare industry is the top data breach target and has been for quite some time. Healthcare data breaches have doubled since 2014.
According to the medical journal Healthcare, from 2005 to 2015, the healthcare sector faced the highest number of data breaches of any industry. Of the 6,355 data breaches reported during that time, the healthcare industry accounted for more than 60%. From 2015 to 2019, the healthcare industry experienced 1,587 data breaches—about three-quarters of all data breaches.
Once again in 2021, the healthcare industry is on track to have the highest number of data breaches, reports HIPAA Journal. During the first six months of 2021, 238 healthcare data breaches were reported. HIPAA Journal also reports that there was a 25% increase in healthcare breaches from 2019 to 2020.
What Is Considered a Healthcare Data Breach?
Hospitals and other healthcare organizations process and store a wide range of personal patient data such as Social Security numbers, medical history, insurance information, names, address, phone numbers, and even vehicle identifiers.
Generally, a healthcare data breach is any illegal disclosure or use of private health information without the patient’s authorization. HIPAA defines a data breach as “the procurement, access, use, or exposure of confidential health information illegitimately, which compromises the privacy or security of that confidential health information.”
Protected Health Information (PHI) can be illegally exposed to third parties in a number of ways. Most people think of cybercriminals breaking into a database when they hear the word “data breach.” And while hacking, ransomware, and related cybersecurity incidents are common forms of data breaches, breaches can also occur in other ways, including unauthorized disclosures from within the healthcare organization, the lost or theft of devices, and miscellaneous breaches, such as improper document disposal.
Was Your Healthcare Data Stolen? Download Your Free Copy of Our Data Breach Lawsuit Guide.
Why Are Healthcare Data Breaches So Prevalent?
For starters, PHI is more valuable to criminals on the black market than credit card credentials or other types of personally identifiable information (PII). That’s because PHI has at least 18 different information identifiers. The sheer amount of data available from a healthcare record makes it a treasure trove of information that hackers and cybercriminals can sell, or hold hostage using ransomware attacks. According to the Center for Internet Security, the average cost per stolen record for a healthcare data breach is $355, compared to $158 for a stolen non-healthcare-related record.
In addition, the healthcare industry, like many industries, has undergone a digital transformation through the use of cloud based storage, digital devices, and the replacement of paper-based systems with electronic health records. Healthcare organizations collect sensitive information from patients and store them on network servers where it is accessible all the time, not only to health experts, but to criminals. Healthcare systems are also complex environments where a large number of computers, devices, and equipment must be secured, and data may be stored on less secure networks, says Security Intelligence.
COVID-19 coincided with a sharp uptick in data breaches across industries. The pandemic increased our reliance on online infrastructure and, as a result, made us more vulnerable to cyberattacks. With greater utilization of telehealth, more people working from home, and more services coming online, basic hospital infrastructure like pneumatic tube systems can become a cyberattack vector.
What Are the Costs of a Healthcare Data Breach?
Your stolen healthcare record is worth hundreds of dollars on the black market, but that amount vastly undervalues the real cost of a data breach to you.
Among other things, criminals can use stolen healthcare data to target you with fraud and scams, create fake insurance claims, illegally gain access to prescriptions for personal use or resale, use your data to open credit accounts, access your banking, and even blackmail you with sensitive medical details. Security research firm Ponemon Institute found that medical identity theft victims spend an average of $13,500 to resolve the fraud, which can include paying off fraudulent medical bills, restoring their credit, and correcting health record inaccuracies.
What Should I Do if My Healthcare Information Is Compromised?
It isn’t your fault that your data was stolen, so why should you have to pay to set things right? Even if you’re offered free credit monitoring services, that isn’t likely to go far enough. You may be entitled to much more money for your troubles. A lawyer can help you recover compensation for your financial losses, time spent dealing with the data breach, and other damages.
Morgan & Morgan’s data privacy lawyers have successfully handled many high-profile data breach cases, including claims against Yahoo, Capital One, Equifax, and MGM Grand. If you were the victim of a data breach, don’t waste any time taking action. Contact Morgan & Morgan right away to talk to a lawyer.