According to a December 20, 2019 Report by HIPAA Journal, nearly 39 million health care data breaches had been reported to the U.S. Department of Health and Human Services (“DHHS”), Office of Civil Rights (“OCR”) by the end of November 2019. This is a staggering number, especially considering that this is more than double what was reported in all of 2018. This appears to be part of an exponentially growing number of breach reports since, as we reported last year, 2018’s breach reports were already three times greater than what was reported in 2017.
This article explores some of the trends that can be attributed to the growing number of breaches and how the OCR has responded to the difficulties experienced by healthcare entities (“Covered Entities”) covered by the security and confidentiality requirements applicable to protected health information (“PHI”) under the Health Insurance Portability and Accountability Act of 1996 and 45 CFR Parts 160 and 164, as amended by the Health Information Technology for Economic and Clinical Health Act (“HITECH”) (collectively referred to hereinafter as “HIPAA”).
Continue Reading 2019 Year in Review: Notable Changes in Law, Policy, and Enforcement of HIPAA