From the hhs.gov website:
“As required by section 13402(e)(4) of the HITECH Act, the Secretary must post a list of breaches of unsecured protected health information affecting 500 or more individuals. These breaches are now posted in a new, more accessible format that allows users to search and sort the posted breaches. Additionally, this new format includes brief summaries of the breach cases that OCR has investigated and closed, as well as the names of private practice providers who have reported breaches of unsecured protected health information to the Secretary. The following breaches have been reported to the Secretary:”
While searching for statistics on data breaches, I stumbled upon the U.S Department of Health and Human Services web page for Breaches Affecting 500 or More Individuals. As of this posting there are 288 recorded incidents of unprotected health information leaking since September 9th, 2009. I like how the HHS offers to save the entire data set of information in CSV and XML formats for personal consumption. For example, this gives you the ability to sum the total of ‘Individuals Affected’ column to put things in perspective.