Did you know that 2.7 million Americans were affected from around 32 major health information breach incidents recently? The bulk of the people were affected by the information breach that occurred with the Insurer Health Net and its business associate IBM. The Federal list released on June 22nd lists all the major healthcare information breaches that occurred from September 2009 wherein somewhere to the tune of around 11 million individuals were affected. The Health information breaches continued unabated with firstly the health net incident followed closely with the theft of a desktop computer at the Eisenhower medical center that compromised information security of over 5, 00,000 individuals.
There was large number of information security breaches since 2009 ranging from thefts of hard drives (BlueCross Blueshield of Tennessee), laptop (AvMed), and backup tapes (New York City Health &Hospitals Corp.) resulting in compromising sensitive medical and health information of millions of people. Even as the full and final version of the HITECH breach notification rule is expected to be released later this year as part of an ‘omnibus’ package that would include several rules, the current version requires that organizations should conduct risk assessment to determine any incident that could be a potential threat and if it does cause harm, the eventual breach must be reported.
So is it really that difficult for healthcare organizations to take the right action as far mitigating such information risks are concerned? Actually no! It is not difficult if a prudent medical practitioner or healthcare enterprise owner ensures that healthcare compliance measures are in place by adopting the appropriate HITECH compliance solution. All that a healthcare organization needs to do is to enforce such a security policy that can restrict any unauthorized access. SecureGRC, an automated compliance solution from eGestalt, can help healthcare organizations deal with their compliance woes comprehensively. The solution is so designed that it can identify, remediate and maintain HIPAA and HITECH compliance for all healthcare organizations that handle Patient Health Information.
SecureGRC is equipped to help healthcare organizations achieve and maintain compliance to regulations set forth in both HIPAA and HITECH acts. Additionally, since the solution can be delivered via Cloud, not requiring any custom hardware investments, the compliance solution is actually future-proof! The solution not only automates the audit process but also provides concrete evidence of what risks need to be addressed and also how it should be addressed. eGestalt makes it easy to stay clear of Health information breaches with its fully optimized solution that addresses all healthcare compliance issues.