The Office of Civil Rights (OCR), which is tasked with monitoring breaches of private health information (PHI) records, reports that, since implementation of the breach rule earlier this year, the total reported through June 4, 2010, stands at 93, and this is just for breaches affecting 500 or more records.
The others with fewer than 500 affected records aren’t required to report until the close of the year.
Those 93 breaches have violated the medical records of some 2.5 million individuals. Of the reported breaches, 26 percent involved printed records and 74 percent electronic or digital media records.
The HIPAA (Health Insurance Portability and Accountability Act) security rule was strengthened by the HITECH (Health Information Technology for Economic and Clinical Health) Act of 2009, and the Department of Health and Human Services (HHS, of which OCR is a part) later implemented the breach rule referenced above.
Employers who offer health insurance to their employees can be directly affected by HIPAA, HITECH and the breach rule, so it may be wise to obtain, follow and post a copy of Personnel Concepts’ HITECH Act Security Rule Poster.