Report Faults Security Efforts for Patient Information

Only 6 percent of audited organizations adequately fulfilled requirements for reducing risks and vulnerabilities


As ransomware and cyber attacks continue to target patient information of hospitals and other healthcare organizations at an alarming rate, the pressure is mounting for facility managers and IT professionals to take adequate measures to protect the private information of patients. A new report suggests many have a long way to go in achieving compliance with HIPPA requirements.

The Office for Civil Rights (OCR) at the U.S. Health and Human Service recently released a HIPAA Audits Industry Report that could be quite helpful to covered entities and business associates for tackling HIPAA compliance as we enter the new year, according to The National Law Review.  The report examines OCR’s findings from HIPAA audits conducted during 2016-2017 of 166 healthcare providers and 41 business associates. The audits examined mechanisms for compliance, identified promising practices for protecting the privacy and security for health information, and discovered vulnerabilities that might have been overlooked by OCR enforcement activity. Among the findings:

• Approximately 70 percent of covered entities used breach-notification letters that failed to satisfy regulatory content requirements, such as a description of the electronic personal health information (ePHI) breached and steps individuals can take to protect themselves from additional harm.

• Covered entities struggled to implement requirements for risk analysis and risk management. The report highlighted that only 14 percent of audited covered entities “substantially fulfilled” responsibilities regarding safeguarding of ePHI through risk analysis mechanisms, and only 6 percent adequately fulfilled requirements to implement appropriate risk-management mechanisms to reduce risks and vulnerabilities to a reasonable and appropriate level.

Click here to read the article.



January 12, 2021


Topic Area: Information Technology


Recent Posts

How Backup Power Needs Vary Across Healthcare Settings

Manufacturers discuss how evolving codes, technologies and care settings shape healthcare backup power strategies.


Flexible Design Strategies Help OhioHealth Maximize Clinical Space

Doing more with less was key to the renovated facility’s design.


New Bass Center for Childhood Cancer and Blood Diseases Opens

The new space not only offers more exam rooms but also features 15 private infusion bays to allow privacy for all patients and their caregivers during treatment.


Encompass Health Rehabilitation Hospital of Daytona Beach Opens

Hospital amenities include all private patient rooms, a spacious therapy gym featuring advanced rehabilitation technologies, an activities of daily living suite and more.


What Healthcare Facilities Can Learn from a $49 Million Window Failure

A major window system failure at the University of Iowa’s Children’s Hospital sparked a costly replacement project – and a $49.4 million arbitration win.


 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.