Reported data breaches show that HIPAA violation settlements are on the upswing, both in terms of the number of individuals affected and financial cost. We’re not done with 2017, yet OCR’s updated breach portal shows that nearly 4 million individuals have been affected by over 200 healthcare data breaches as of mid-September.
Looking back just two years, analysis of the breaches publicly reported by HHS and OCR indicates a 320% increase in hacking-related healthcare data breaches in 2016 over 2015. It helps to understand that reported breach types range from hacking to unauthorized access or disclosure of ePHI to theft of devices. Also, while business associates and health plans are affected as well, healthcare providers represent nearly 78% of the incidents reported, an overwhelming majority.
What can we learn, and apply, from this? 3 things:
Finally, when taking any and all of the above steps, don’t underestimate the value of transparency between business partners. Covered entities (providers, plans) and their business associates (digital vendors, third-party services) are interdependent. If one isn’t secure and compliant, the foundation is faulty. Transparency in monitoring and tracking actions strengthens data security, organizational compliance, and the business relationship. Contact us today to learn more about how Ostendio’s MyVCM can help you manage the security and privacy of your organization.
The NIST Guide can help. We can also provide you with a free copy of Ostendio’s password policy, as an example. Just contact us at info@ostendio.com.