The latest updates to the federally maintained roll of major health information breaches show that the loss and theft of unencrypted devices continue to be major problems for the healthcare industry, particularly in light of stepped up enforcement of HIPAA conformance.
The 10 breach incidents added to the Department of Health and Human Services’ Office for Civil Rights tally in the past month affected 155,000 individuals.
Since September 2009, when the HITECH breach notification rule took effect, 499 major breaches affecting 21.2 million have been posted. OCR adds incidents affecting 500 or more individuals to the list once it confirms the details. So far, OCR has posted about 89 incidents that happened in 2012, which affected slightly more than 2 million people.
An article in DataBreachToday reports that, according to some observers, many organizations have yet to encrypt all laptops containing patient information due to misperceptions about the cost involved and the potential impact on computer performance. And device thefts are often the result of carelessness or a lack of awareness of security risks.
Read entire article