4. All of the above
Common causes of breaches are:
- Human error (e.g. misdirected communication containing PHI or PII)
- Lost or stolen electronic media devices or paper records containing PHI or PII
- Theft and intentional unauthorized access to PHI and personally identifiable information (PII)
Theft is overwhelmingly the leading cause accounting for 54% of breaches, followed by loss or stolen media devices.