Over Five Million Now Victims of Healthcare Breaches

Tuesday, November 23, 2010

Headlines

69dafe8b58066478aea48f3d0f384820

The Department of Health and Human Services' Office for Civil Rights has released statistics on health information breaches that show a total of 5.35 million Americans' records have been compromised in 192 data loss incidents since September 2009.

One of the most recent breaches at Keystone/AmeriHealth Mercy Health Plans involved over 280,000 records, including personally identifiable information, that were on an unencrypted sub drive that can not be found.

The number of health information breaches is generally on a downward trend according to data collected under the HITECH act mandates, and the majority are due to lost or stolen data storage devices.

According to the HITECH Act's breach reporting rules, all events that affect 500 or more records need to be reported, including notifications being sent to those whose information has been compromised within 60 days. 

One-fifth of the breaches reported involved data loss events caused by business associates, a hot topic in HIPAA guidance.

Healthcare providers, insurance companies, and other entities charged with preserving sensitive healthcare data may be held responsible for breaches by their business associates.

It is the responsibility of the organization to make sure all business associates are HIPAA/HITECH compliant.

Source:  http://www.healthcareinfosecurity.com/articles.php?art_id=3120

Possibly Related Articles:
3517
HIPAA
Healthcare Provider
Data Loss breaches HIPAA HITECH Healthcare Headlines
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.