Physician behavior doesn’t have to be a mystery.
More than 1,000 medical record breaches involving 500 or more people have been reported to HHS since federal reporting requirements took effect nearly five years ago.
HIPAA: How the law has evolved—and what's in store
HHS has been tracking data breaches since September 2009, when the HIPAA breach notification rule went into effect. The agency reports health information breaches affecting more than 500 individuals on its "wall of shame" website.
Since 2009, HHS has received 1,026 reports of breaches involving 500 or more individuals and more than 116,000 breach reports involving records of fewer than 500 individuals through March 1, 2013.
In total, large health data breaches reported by health care providers and their business associates have affected the medical records of about one in 10 U.S. residents, or 31.7 million people.
Meanwhile, more than 32,600 HIPAA complaint cases have been investigated, with more than 22,500 of them closing with corrective action, according to HHS Office for Civil Rights spokesperson Rachel Seeger.
Coming up: Expect more HIPAA penalties
In related news, HHS Chief Regional Civil Rights Counsel Jerome Meites at an American Bar Association conference last week said he expects penalties under HIPAA to increase drastically in the next year.
Experts: Stolen patient data is most lucrative form of identity theft
Since June 2013, HHS has received more than $10 million for HIPAA violations, according to Law360. However, Meites says he expects that number to be "low compared [with] what's coming up" (Conn, "Vital Signs," Modern Healthcare, 6/13; Viebeck, The Hill, 6/13).
Next in the Daily Briefing
To save her vocal cords, patient sings through surgery