HHS Data Tells the True Story of HIPAA Violations in the Cloud

I found this article from Software Advice timely and important for several reasons: first, it points out the large amount of patient data lost in data breaches; second, it points out that, as in the famous line from the Pogo cartoon, "We have seen the enemy and he is us".

"Behold the “Wall of Shame”

Known as the “Wall of Shame,” the HHS website details 281 Health Insurance Portability and Accountability Act (HIPAA) security violations that affected more than 500 individuals as of June 9, 2011. Overall, physical theft and loss accounted for about 63% of the reported breaches. Unauthorized access / disclosure accounted for another 16%, while hacking was only 6%."
Read more: http://www.softwareadvice.com/articles/medical/hipaa-violations-arent-in-the-cloud-1062011/#ixzz1QD6c1Wk7

Most healthcare data breaches are caused by careless actions on the part of covered entity staff or business associates. The best prevention is proper policies and procedures, backed by ongoing training and awareness. Unfortunately, many privacy and security programs are primarily security programs and not privacy programs. This is partly because IT departments focus on what they know, which is security. So while they are watching the firewall, an employee is leaving an unencrypted laptop on the front seat of their unlocked car.

So while I am probably beating a dead horse or preaching to the choir (choose your metaphor), the goal is still to get compliant, stay compliant, and prove compliance with the compliance meter™.
