Data breaches continue to plague the health care industry, and July 2018 was the worst month so far this year in the number of data breaches reported to the Office for Civil Rights (OCR). Thirty-three data breaches were reported by covered entities and business associates in July, with the largest one reported by UnityPoint Health, a business associate—a hacking incident that exposed 1,421,107 individuals’ records.

There have been 221 data breaches (of incidents that included more than 500 records) reported to the OCR in 2018, which included the exposure of 6,112,867 individuals’ records. This number is 974,688 more records than in all of 2017.

These statistics do not bode well for the health care industry and emphasize that the health care industry continues to be a target that is proving successful for criminals.