iTnews
  • Home
  • News
  • Technology
  • Security

Proliferating HIPAA complaints and medical record breaches

By Sue on May 27, 2008 2:06PM

The number of complaints regarding violations of the U.S. Health Insurance Portability and Accountability Act (HIPAA) continue to increase each year in tandem with an increase in breaches of medical records.

In addition, a growing number of these complaints are going unresolved.

The protected health information (PHI) security and privacy goals of HIPAA in spirit and intent are good, Herold, leader of the Realtime IT Compliance Community, told SCMagazineUS.com on Friday. The regulatory oversight of the U.S. Department of Health and Human Services (HSS), however, has been underwhelming, she said.

The statistics provided about Privacy Rule complaints clearly show the numbers increasing on an annual basis, she added. This is a result not only of the growing numbers of privacy breaches, but also of the public's growing awareness of the risks involved with PHI breaches, and the fact that covered entities clearly have a law requiring them to protect PHI, but it is a law that is not being enforced.

Over the past five years, there were over 32,000 reports of complaint about HIPAA to the Office of Civil Rights (OCR), Herold said. Approximately 25,500 of these have been resolved.

“It is also important to point out that the same four issues have been the top issues where complaints were received every single year,” said Herold.

Those issues are impermissible uses and disclosures, safeguards, access, and minimum necessary.

“These categories of vulnerabilities are significant contributors to privacy breaches,” she said.

The health care sector continues to be an industry that suffers from large numbers of data breaches, Doug Pollack, chief marketing officer of ID Experts told SCMagazineUS.com.

“This can be partially attributed to the essential need for access to confidential patient information on a real time basis by medical professionals,” he said.

“While they may not correlate directly, it isn't surprising that there is an increase in both the number of data breaches and the number of HIPPA violation complaints.

"While there is no simple answer to substantially reducing the risks that lead to data  breaches in the medical community, a large number of breaches in healthcare are caused by loss or theft of physical files or laptops, and so more rigorous physical security policies and data encryption standards for laptops may be a very good place to start.”


See original article on scmagazineus.com
Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
andbreachescomplaintshipaamedicalproliferatingrecordsecurity

Partner Content

Security: Understanding the fundamentals of governance, risk & compliance
Promoted Content Security: Understanding the fundamentals of governance, risk & compliance
Accenture and Google Cloud team up to create a loveable, Australian-first, renewable energy product
Promoted Content Accenture and Google Cloud team up to create a loveable, Australian-first, renewable energy product
Avoiding CAPEX by making on-premise IT more cloud-like
Promoted Content Avoiding CAPEX by making on-premise IT more cloud-like
Security "mindset shift" needed to protect organisations
Promoted Content Security "mindset shift" needed to protect organisations

Sponsored Whitepapers

Extracting the value of data using Unified Observability
Extracting the value of data using Unified Observability
Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future
NextGen Security Operations: A Roadmap for the Future
Video: Watch Juniper talk about its Aston Martin partnership
Video: Watch Juniper talk about its Aston Martin partnership

Events

  • CRN Channel Meets: CyberSecurity Live Event
  • IoT Insights: Secure By Design for manufacturing
  • Cyber Security for Government Summit
By Sue
May 27 2008
2:06PM
0 Comments

Related Articles

  • Qld gov proposes mandatory data breach reporting for agencies
  • Critical Splunk bug propagates code execution
  • Researchers hacked Oracle servers to demo serious vulnerability
  • Don't remove PowerShell: US, UK and NZ security agencies
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Qantas calls time on IBM, Fujitsu in tech modernisation

Qantas calls time on IBM, Fujitsu in tech modernisation
Service NSW hits digital services goal two years early

Service NSW hits digital services goal two years early
SA Police ignores Adelaide council plea for facial recognition ban on CCTV

SA Police ignores Adelaide council plea for facial recognition ban on CCTV
NBN Co says TPG tie-up could help Telstra sidestep spectrum limits

NBN Co says TPG tie-up could help Telstra sidestep spectrum limits

Digital Nation

COVER STORY: Operationalising net zero through the power of IoT
COVER STORY: Operationalising net zero through the power of IoT
The security threat of quantum computing
The security threat of quantum computing
IBM global chief data officer on the rise of the number crunchers
IBM global chief data officer on the rise of the number crunchers
Crypto experts optimistic about future of Bitcoin: Block
Crypto experts optimistic about future of Bitcoin: Block
Integrity, ethics and board decisions in the digital age
Integrity, ethics and board decisions in the digital age
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.