HITRUST: HIPAA Breaches Near $1 Billion
"What I'm seeing is that organizations are not taking any chances," Hourihan says. "If a breach has the slightest chance of harm, they're going to do the notification."
Based on his research, Hourihan offers these tips:
- Encrypt portable devices. With the theft of laptops being the No. 1 cause for the type and location of breaches, Hourihan says organizations should "at the very least" make sure any portable devices are encrypted. And, if you can help it, remove any sensitive information.
- Don't store information locally. A better option here is to get your information on network drives, providing users with an easy-to-use centrally managed and protected option. "Make sure nothing gets stored locally," Hourihan says.
- Ensure BA compliance. BAs composed only 1/5 of the breaches on the OCR website, but Hourihan sees that climbing. "Across all segments of the industry, our data shows that third party security management is the least mature in control," says Hourihan, "and the BAs aren't the ones being called out when there's a breach."
Other notable numbers from the HITRUST report include:
- 4,089,670 individuals affected
- 38% of breaches include hospital/provider networks (No. 1)
- 79% of individuals affected involve insurance plans (No. 1)
- 31% of breaches involve laptops (No. 1)
- 70% of records involve a theft (No. 1).
- 18.5% percent of breaches implicate a BA
Dom Nicastro is a contributing writer. He edits the Medical Records Briefings newsletter and manages the HIPAA Update Blog.
- Antibiotic Overuse a 'Huge Threat' to Patient Safety, Says CDC
- CFO Exchange: Smartphones Poised to Disrupt Healthcare, Says Topol
- Consumerism Drives Healthcare Branding, Rebranding Efforts
- 3 Traits Personality Assessments Can't Reveal
- PA Ranks See 'Phenomenal Growth,' Lack of Diversity
- CHS Hacked, 4.5M Patient Records Compromised
- CFO Exchange: Healthcare Leaders Share 5 Innovative Ideas
- Business Roundup: M&A Activity Down Slightly in First Half of 2014
- Large Employers Trimming Healthcare Spending
- Carondelet to Pay $35M to Settle Fraud Allegations