The federal breach tally that has been growing steadily has now exceeded 20 million. The Department of Health and Human Services’ Office for Civil Rights usually adds breaches to its tally after it conducts an investigation and confirms the details. Since May 23rd 2012, 29 breaches that affected about 935,000 individuals have been added to the breach list. While most of the major breaches have involved lost or stolen unencrypted electronic devices, hacker attacks constituted 7 percent, and nearly 22 percent of the breaches have involved a business associate.
The breach list of the Department of Health and Human Services’ Office for Civil Rights tracks breaches affecting 500 or more individuals that have occurred since late September 2009, and this tally is updated on a continual basis. Of the largest 32 hacking incidents, the Utah breach is by far the largest, affecting 780,000 individuals. Health department officials acknowledged that the breach involved a server that was protected with a weak password. The other major incidents that are yet to go on the list are:
- The Emory Healthcare breach, which affected 350,000 individual patients and involved 10 missing computer disks.
- A South Carolina Department of Health and Human Services breach that involved an employee who allegedly transferred patient information to his personal e-mail account. The breach affected 228,000 Medicaid recipients.
While it is important for entities to identify a breach, they also need to ensure robust and effective risk assessment measures and report the incidents to HIPAA. Although the final version of the breach notification rule will include clarification of how to determine whether a breach must be reported to federal authorities, Susan McAndrew, OCR’s deputy director of health information privacy, stated that there would be additional guidance that will help entities to identify appropriate measures for risk assessment.
Data security is of vital importance. Safeguarding data without a comprehensive solution can become a serious concern. You must be aware of the vulnerabilities you are exposed to, and be able to measure the level of information security in your organization with an automated security and compliance process.
With a solution like eGestalt’s SecureGRC, you can rest assured. It comes with the capability of providing end-to-end support for all your data protection needs. Not only does it ensure that risk assessment is performed at regular intervals, it also prevents the breaches from occurring.