The U.S. Department of Health and Human Services counts nearly 200 health information data breaches of records for 500 or more individuals. The breaches often occur at "highly respected and sophisticated healthcare providers," writes Michael Kline of the Fox Rothschild law concern.
Among them is the Mayo Clinic, which last July saw unauthorized access of the electronic medical records of 1,740 patients, and the New York University School of Medicine's Aging and Dementia Clinical Research Center, where the theft of a portable device compromised 1,200 records. St. Jude's Research Hospital in Tennessee lost a laptop and 1,745 records.
Information concerning the data breaches is available on the HHS website. But the agency changed its location on the site in July, apparently without notification, leading some breach-watchers to believe it had abandoned the effort.
- here's the correct breach page
- and here's Kline's column