Thursday, July 11, 2013

KPMG: Organizations Unaware of Health Privacy Rules

KMPG, the contractor who performed HHS privacy and security compliance audits, reported that many of the healthcare providers, payers, and claims clearinghouses were unaware of health data privacy and security rules.

Of the 980 problems identified during the 115 HIPAA audits about a third were because health care organizations were unaware of certain regulations that applied to them.

"It appeared that some organizations wrote their data privacy and security policies only after being targeted for an audit. ."
- Linda Sanchez, Senior OCR Advisor
The analysis also found that 47 of the 61 audited health care providers had not completed a full and accurate risk assessment to identify potential data problems.

The required risk assessment includes ensuring that health workers only have access to data required for their job. There are now low-cost on-demand SaaS analytics services to detect user access exceptions and create complete reports for the attestation process.

Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Some Organizations Unaware of Health Data Privacy, Security Rules - www.iHealthBeat.org, 04/25/2013

No comments:

Popular Posts

Copyright © 2010-2011 by Veriphyr Incorporated, All Rights Reserved.

Contact us at Veriphyr.com.