As required by Section 13402(e)(4) of the HITECH Act, The Office of Civil Rights of the Department of Health and Human Services has posted a list of PHI breaches affecting 500 or more individuals.  Fifty-three covered entities appear, including hospitals, physician practices, dental practices, insurers, and several state agencies.  The most common causes of the breaches reported are theft or unauthorized access of a laptop, desktop computer or portable device, but other incidents reported involved lost or stolen paper records, phishing scams and hacking, backup tapes, and even postcards.

You can access the list here.  This is a list you don’t want to be on.