September 8, 2011
The Department of Health and Human Services' Office for Civil Rights provided a report to Congress on health information breaches from September 2009 through 2010, as required under the HITECH Act. Nearly 7.9 million Americans were affected by almost 30,800 health information breaches, according to the report.
You can register and get a copy here:
Nearly 7.9 million Americans were affected by almost 30,800 health information breaches between September 2009, when a federal healthcare breach notification rule took effect, and the end of 2010, according to a new report to Congress.
The report from the Department of Health and Human Services' Office for Civil Rights shows about 7.8 million individuals were affected by 252 major breaches (incidents affecting 500 or more). In addition, about 62,000 individuals were affected by 30,521 smaller incidents.
OCR reveals in the report that it has closed its investigation of only about 30 percent of the larger incidents, confirming that corrective action is complete.
The office regularly updates a list of major healthcare information breaches on its website. That "wall of shame" now shows 314 major breaches from September 2009 to July 2011, affecting a total of almost 11.7 million individuals.
Under the HITECH Act, enacted in early 2009 as part of the economic stimulus package, OCR was required to provide Congress with annual updates about breach reports it receives as a result of the HITECH-mandated breach notification rule. This week's report, however, is the first OCR has submitted to Congress.