[Skip to Content]
Sign In
Individual Sign In
Create an Account
Institutional Sign In
OpenAthens Shibboleth
Purchase Options:
[Skip to Content Landing]
Views 2,422
Citations 0
June 23/30, 2015

Wording and Data Errors in the Text and Table

JAMA. 2015;313(24):2497. doi:10.1001/jama.2015.6026

In the Research Letter entitled “Data Breaches of Protected Health Information in the United States” published in the April 14, 2015, issue of JAMA (2015;313[14]:1471-1473. doi:10.1001/jama.2015.2252), there were wording and data errors. In the Results section, first paragraph, the first and second sentences should be “We evaluated 949 breaches affecting 29 million records between 2010 and 2013. Six breaches involved more than 1 million records each and the number of reported breaches increased over time, although the trend using linear regression did not reach statistical significance (P = .07; Table).” In the second paragraph of the Results section, the first sentence should be “Most breaches occurred via electronic media (67.4%; 95% CI, 64.4%-70.4%; Table), frequently involving laptop computers or portable electronic devices (32.7%; 95% CI, 29.7%-35.7%).” In this same paragraph, the penultimate sentence should be “The combined frequency of breaches resulting from hacking and unauthorized access or disclosure increased during the study period (12.1% in 2010 to 27.2% in 2013; P = .003).” In the Discussion section, first paragraph, the first sentence should be “Between 2010 and 2013, data breaches reported by HIPAA-covered entities involved 29 million records.” In the Table, second column entitled “Overall,” several numbers should be changed as follows: row 2, “Total No. of records affected, in millions,” should be “29.0”; row 6, “Desktop, email, or EMR,” should be “148 (15.6) [13.4-18.0]”; row 7, “Paper,” should be “212 (22.3) [19.8-25.1]”; row 8, “Network server,” should be “101 (10.6) [8.8-12.8]”; row 9, “Other,” should be “178 (18.8) [16.4-21.4]”; row 12, “Loss or improper disposal,” should be “105 (11.1) [9.2-13.2]”; row 13, “Unauthorized access or disclosure,” should be “140 (14.8) [12.6-17.2]”; row 14, “Hacking or IT incident,” should be “67 (7.1) [5.6-8.9]”; and row 15, “Other,” should be “85 (9.0) [7.3-11.0].” Also in the Table, last column, the following P values should be changed: row 1, “Total No. of data breaches reported” should be “.07”; and row 2, “Total No. of records affected, in millions” should be “.88.” Farther down in this same column, the P value for “Data breach category, No. (%) [95% CI]” for the data in rows 11-15 should be “.003.” This article was corrected online.