The United States Department of Health and Human Services Office of Civil Rights (US Dept of HHS OCR) maintains a "breach portal reported within the last 24 months that are currently under investigation by the Office for Civil Rights." Breaches occur through the loss of Patient Health Information (PHI). A list of 18 HIPAA PHI identifiers is here.
The data reported on the OCR website was graphed into the Quantitative poster.
The questions asked on the quantitative poster were:
(1) How many reports per state remain open to investigation?
(2) Which category of covered entity have the most open investigations?
(3) What was the cause of the open breach investigations?
(4) Where was the breach information lost?
(5) Were Business Associate agreements in place when the breach occurred?