MAR 25, 2010 3:36pm ET

Related Links

eHealth Initiative Studies the I.T. of ACOs
February 10, 2012
Rule to Ease Consumer Understanding of Health Insurance Policies
February 9, 2012
New Content on HHS Consumer Web Sites
February 8, 2012
Health Plan ID, Insurance Exchange Rules Coming Soon
February 6, 2012
Aetna Wants Dentists to Push Smoking Cessation via iPads
January 31, 2012
HIT Vendor Round-up: Castlight, MedAssets & Aprima
January 31, 2012
Laptop Loaded with PHI Stolen from Lexington Clinic
January 31, 2012

Web Seminars

The Evolution of Tablet Computing in Healthcare
Available On Demand
Which comes first? Chargemaster Standardization vs. System Conversion
Available On Demand
Chronic Care. Chronic I.T. Challenges
Available On Demand

HHS Adds to List of Data Breaches

Print
Reprints
Email

The Office for Civil Rights in the Department of Health and Human Services has added five more organizations to a Web page listing covered entities that have reported breaches of unsecured protected health information affecting more than 500 individuals. OCR launched the page in February with the listings of 47 organizations.

The posting is mandated under the HHS breach notification rule that was authorized under the HITECH Act. Under the rule, notification within 60 days to HHS and the media is required when a breach affects more than 500 individuals. Smaller breaches must be annually reported to HHS. Business associates of HIPAA-covered entities must notify the affected covered entity of breaches.

The five new listings are:

* Montefiore Medical Center, New York, 625 affected individuals, theft of a laptop;

* Private Practice, San Antonio, 21,000 affected individuals, theft of a portable device;

* Thrivent Financial for Lutherans, Wisconsin, 9,500 affected individuals, theft of a laptop;

* Wyoming Department of Health, 9,023 affected individuals, unauthorized access of a network server; and

* Aspen Dental Care P.C., Colorado, 2,500 affected individuals, theft of an undisclosed nature.

Private practices are not individually identified in the listing, in compliance with the federal Privacy Act. HHS is working to permit the naming of private practices. The full list of large breaches, which the OCR will regularly update, is available at hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/postedbreaches.html.

--Joseph Goedert

 

Consumer Health

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments:
You must be registered to post a comment.
Not Registered?
You must be registered to post a comment. Click here to register.
Already registered? Log in here
Please note you must now log in with your email address and password.
Most Read
Most Emailed

Slide Shows

Private HIEs: The Pros and Cons
Twitter
Facebook
LinkedIn

Current Issue

Building Connections on the Care Continuum

A major success factor for accountable care organizations will be linking caregivers across the spectrum of care delivery. If history is any indication, that's going to be an industrywide struggle.

Videos

HdmTV from HIMSS 2011: Claire McCarthy, director of operational effectiveness at Kaiser Permanente

Policy & Regulation

EHR

Health Info Exchange

Revenue Cycle & Payments

Chronic Care

Mobile Technology

Web Seminars

White Papers

Login  |  My Account  |  White Papers  |  Web Seminars  |  Events |  Newsletters |  eBooks
FOLLOW US
Already a subscriber? Log in here
Please note you must now log in with your email address and password.