Monday, February 22, 2010

Breaches Affecting 500 or More Individuals

As required by section 13402(e)(4) of the HITECH Act, the Secretary must post a list of breaches of unsecured protected health information affecting 500 or more individuals.  They can be found at http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/postedbreaches.html

The type of items that caused a breach included laptops, paper, email, network servers, desktop computers, Portable USB devices, postcards, backup tapes, and CDS.   The number of organizations reporting is not surprising.  This writer wonders how many other organizations had breaches that went undetected.

No comments: