Business Continuity, Data Breach, Disaster Recovery, Education, HIPAA / HITECH Enforcement, News Events, OCR HIPAA Audits, Risk Analysis/Risk Management, Tip of the Week

Breaches Affecting 500 or More Individuals

Sylvia Matthew Burwell is the 22nd Secretary of Health and Human Services (HHS) and took office last June 9th, 2014. According to her Biography, “Secretary Burwell has called for the Department to operate under three guiding tenets: to deliver results on a wide range of complex issues; to strengthen the relationships that drive progress; and to build strong teams with the talent and focus needed to deliver impact for the American people”.

Included in her job description along with overseeing more than 77,000 employees is ensuring that data breaches of unsecured protected health information affecting 500 or more individuals are posted on the HHS website. The Secretary is required to do this by section 13402(e) (4) of the HITECH Act. The following unauthorized access/disclosure breaches have been reported to the Secretary between May 2014 and August 2014.

May to August 2014 breach of unauthorized access or disclosure

 

Brought to you by RISC Management and Consulting, LLC as part of  Privacy and Security Awareness Program

References

http://www.hhs.gov/ocr/privacy/

http://www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities/federalregisterbreachrfi.pdf

Advertisements
Data Breach, Education, HIPAA / HITECH Enforcement, OCR HIPAA Audits

Organizations must address data breaches before they occur

Read a short blog written by RISC Management and Consulting, LLC Practice Leader Chris Heuman from 2012

“Any organization that creates, collects, stores, processes, transmits, archives, or deletes sensitive information about an individual, must prepare for a Data Breach before it occurs. To address Data Breach response planning after the breach occurs is costly and potentially a game-ender for some companies.”

Follow the link: http://hipaaprivacyandsecurity.blog.com/category/news/