What happens after a data breach?
The federal healthcare breach notification rule requires HIPAA covered entities-comprising providers, insurers and vendors who must comply with HIPAA transaction sets-to report breaches of protected health information affecting 500 or more individuals to the Department of Health and Human Services' Office for Civil Rights. OCR posts the breaches to a public Web site. And there have been a lot of postings: by mid-June, 288 listings had filled what is called the "Wall of Shame" in just an 18-month period. Health Data Management contacted numerous organizations that had suffered a data breach, hoping to find one that would share its experiences about dealing with and recovering from a major breach. Only one responded, and that was to say it declined to comment. Susan McAndrew, deputy director for health information privacy at OCR, believes the reluctance is a missed opportunity.
- Resisting the Healthcare Consolidation Frenzy
- MGMA Urges 'End-to-End' ICD-10 Testing
- 1 in 5 CT Screenings for Lung Cancer Results in Overdiagnosis
- New G-Codes to Pay Doctors for Broad Array of Non-Face-to-Face Care
- Give Nurses in Wheelchairs a Chance
- Scary Financial Challenges for 2014
- MU Compliance Announcement Sparks Concern, Confusion
- HL20: George Halvorson—Expectations for Success
- 3 Better Ways to Market Bariatric Surgery
- Top 3 Health Plan Game Changers of 2013