Sponsored by Lawson, an Infor affiliate | Healthcare@Lawson.com | 1.800.477.1357
HHS' Annual Report on HIPAA Compliance Reveals Top Issues for Investigation
The U.S. Department of Health and Human Services' Office for Civil Rights has submitted a report (pdf) to Congress on HIPAA compliance that reveals the most common privacy compliance issue investigated from April 2003-Dec. 2010 was impermissible uses and disclosures of protected health information.The "Annual Report to Congress on HIPAA Privacy Rule and Security Rule Compliance For Calendar Years 2009 and 2010" summarizes compliance with HIPAA, complaints received by HHS of alleged violations of the HITECH Act or HIPAA rules and HHS' responses to complaints.
From April 2003, the compliance date of the HIPAA Privacy Rule, to Dec. 2010, the most common compliance issues with the Privacy Rule that the OCR investigated were the following, in order of frequency:
1. Impermissible uses and disclosures of PHI.
2. Lack of safeguards of PHI.
3. Denial of individuals' access to their PHI.
4. Uses or disclosures of more than the minimum necessary PHI.
5. Inability of individuals to file complaints with covered entities.
From April 2005, the compliance date of the HIPAA Security Rule, the most common areas for which entities failed to demonstrate adequate policies and procedures or safeguards, as required under the HIPAA Security Rule, include the following, listed by frequency:
1. Response and reporting of security incidents.
2. Security awareness and training.
3. Access controls.
4. Information access management.
5. Workstation security.
Related Articles on HIPAA:
HHS Reports Data Breaches of Protected Health Information in 2009-2010 to CongressCMS Should Finalize Operating Rules for HIPAA Transaction Standards, AHA Says
Lag in HIPAA 5010 Preparation Does Not Bode Well for ICD-10
© Copyright ASC COMMUNICATIONS 2012. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.
To receive the latest hospital and health system business and legal news and analysis from Becker's Hospital Review, sign-up for the free Becker's Hospital Review E-weekly by clicking here.
Dow Jones
Company ID [INDEXDJX:.DJI] Last trade:12,598.55 Trade time:4:03PM EDT Value change:▼33.45 (-0.26%)NASDAQ
Company ID [INDEXNASDAQ:.IXIC] Last trade:2,874.04 Trade time:5:16PM EDT Value change:▼19.72 (-0.68%)S&P 500
Company ID [INDEXSP:.INX] Last trade:1,324.80 Trade time:4:32PM EDT Value change:▼5.86 (-0.44%)Channels