12:23 PM
This year shone a spotlight on cybersecurity, with federal agencies warning in October of an "increased an imminent" cyber threat to hospitals fueled by the COVID-19 pandemic.
But not every security incident was caused by major ransomware attacks, of course. Some costly breaches were caused by much more mundane activities, such as improperly disposed materials or employee snooping.
By law, the U.S. Department of Health and Human Services' Office of Civil Rights must publish a list of breaches of unsecured protected health information affecting 500 or more individuals. It's worth noting that not every incident on this list happened in 2020, nor has every incident that took place in 2020 been reported yet.