- There have been more than 90,000 reported HIPAA breaches since 2003
- Through the end of 2012, only 40-45M records were compromised. One incident in 2015 exposed 78.8M records.
- 70% of the healthcare market is not compliant
- Save your reputation, avoid the list of shame: https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf
When you don’t have a quality HIPAA compliance program, you should anticipate experiencing the following types of incidents:
Dumpster Diving for PHI Exposes Business Associate (and Physician Practice) to Liability. FileFax Inc., a Chicago-area record storage and disposal company, is being sued by the Illinois attorney general's office for improper disposal and exposure of thousands of patient medical records, which belonged to Suburban Lung Associates, a pulmonology group. Suburban Lung Associates had hired FileFax to dispose of the medical documents.
$750,000 HIPAA Settlement Emphasizes the Importance of Risk Analysis and Device and Media Control Policies. A radiation oncology private physician practice, Cancer Care Group, P.C., reached a settlement with HHS. A laptop theft led to the breach, but the lack of a comprehensive risk analysis and of a device and media control policy led to the steep penalty.
Cost of downtime calculator. Use this link to determine your cost of downtime.