top of page

The Most Common Causes of HIPAA Breaches in 2018

Updated: Apr 25, 2021

2018 Common Causes of HIPAA Breaches

The Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security, and Breach Notification Rules were implemented to help ensure the privacy and security of patient health information and provide individuals with specific rights to their health information.

While many industries are subject to regulatory compliance, healthcare has proven to be unique in that (according to a recent report by Verizon) most HIPAA breaches are caused by internal users rather than external actors. Specifically, human error and misuse of employee privileges were responsible for many more security incidents than hacking and malware.

2018 was a Record-Breaking Year for HIPAA Breaches

Since 2009, the Department of Health and Human Services’ Office for Civil Rights has released a list of U.S. healthcare data breaches. In that time, it has reported more than 2,500 HIPAA data breaches. Those breaches have resulted in the exposure of almost 200,000,000 healthcare records. That number equates to the records of roughly 60% of the population of the United States.

In 2018, IT incidents combined with unauthorized access/disclosures accounted for more than 80% of all reported data breaches. Much of this can be attributed to the fact that medical employees are using more technology in their work than ever before. The fact is that, while that new technology brings great opportunities for efficiencies, it also creates new challenges regarding efforts to keep protected health information (PHI) secure.

The Importance of HIPAA Training for Employees

Because patient privacy is critically important in all areas of healthcare, effective HIPAA training is a must for any covered entity. Thorough HIPAA training should be offered to all employees that encounter PHI in their job roles in order to ensure that this information is safeguarded and protected.

The increased focus on HIPAA compliance makes clear the necessity for healthcare organizations to implement comprehensive policies and procedures around patient data protection. In fact, the numerous breach announcements prove that many breaches occur because workers have not been trained regarding the nature of HIPAA breaches and how they can be avoided. This lack of understanding, though, can be eliminated though with solid training.

eLearning for HIPAA Training

In recent years as online technologies have continued to evolve, eLearning has emerged as a cornerstone for HIPAA training programs.

If your organization is considering the implementation of eLearning for HIPAA training, some of the benefits you can expect include:


Unlike classroom-based training, eLearning allows your employees to conduct their HIPAA training at any time and from any place that is convenient for them. All they need is an Internet connection. Offering this level of convenience and comfort for your employees lends to a better learning experience.


eLearning is a less expensive alternative to classroom-based training as it eliminates many major expenses, such as travel, venue expenses, meals, and the costs of distributing printed materials. And eLearning activities can be conducted after hours, thus eliminating lost productivity costs associated with pulling workers away from their duties.


Many eLearning platforms include tools for data collection and analysis. The review of this data can be very valuable as you work to revise and improve your HIPAA training program over time.


eLearning activities can be supported by online tools that enable both group and one-to-one communications. This is especially valuable for large organizations with remote employees as they may benefit from the opportunity to engage in online communications regarding the learning content. These tools also allow for the collection of user feedback which, like data measurements, can help to revise and improve your HIPAA training program over time.

LMS Portals for Employee HIPAA Training

LMS Portals provides a cloud-based eLearning platform for HIPAA employee training. Our system lets you build your own customized and branded eLearning portal to support HIPAA and other employee training activities.

Contact us to get started today!

26 views0 comments


bottom of page