Health IT Pulse

Nov 14 2011   9:52AM GMT

Franken wants stricter health care data breach penalties

Beastwood Profile: Beastwood

Tags:
data breaches
HIPAA audits
HIPAA violations
PHI encryption

Two years ago, the HITECH Act toughened health care data breach penalties significantly. It seemed HIPAA finally had enough teeth for the industry to take it seriously.

Perhaps not. More than 360 breaches have been reported to the Department of Health and Human Services (HHS) since September 2009. After the latest, which affected 16,000 UCLA Health System patients, U.S. Sen. Al Franken (D-Minn.) said enough is enough.

Last week Franken, chairman of the Senate Subcommittee on Privacy, Technology and the Law, called for even tougher health care data breach penalties and enforcement rules from the Office for Civil Rights. The OCR told Franken that tougher rules were in the works but couldn’t provide a specific timetable.

That is unfortunate. Health care data breaches are preventable through employee education, HIPAA-mandated security risk assessment and, of course, technology. Encryption, network security, identity management and device management systems all come to mind. Plus, every high-profile health care data breach further erodes public confidence in the use of electronic health records, which, as public opinion suggests, are much easier to steal than a filing cabinet.

Will tougher rules finally give the industry a much-needed kick in the pants? The OCR’s random HIPAA audit program did begin last week, and while it represents the first time the government will proactively evaluate health data security, instead of waiting until a breach has occurred, it’s unclear if the audits will serve as more than “teachable moments.”

By and large, the presence of a police car parked behind the bushes and the threat of a speeding ticket do little to deter speeding. Too much is at stake for health data security to receive a similar brush-off.

8  Comments on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.
  • Don Fluckinger
    Al Franken, Stuart Smalley, and health data Deep Thoughts http://t.co/nvnixr6D #EHR #EMR #HIPAA #healthIT
    0 pointsBadges:
    report
  • SearchHealthIT
    Sen. @AlFranken calls for stricter #healthcare #databreach regulations, penalties http://t.co/dOlQ5lMh #HIPAA #ONC #OCR #healthIT
    0 pointsBadges:
    report
  • Jenny Laurello
    Franken says "enough", calls for stricter #healthIT #databreach penalties in light of UCLA breach http://t.co/tjVOXVxu #EHR #HITsm #hcsm
    0 pointsBadges:
    report
  • Focus_OneSource
    RT @searchhealthit: Sen. @AlFranken calls for stricter #healthcare #databreach regulations, penalties http://t.co/vhmT5NCU #HIPAA #ONC #OCR
    0 pointsBadges:
    report
  • Co3 Systems Inc.
    RT @searchhealthit: Sen. @AlFranken calls for stricter #healthcare #databreach regulations, penalties http://t.co/vhmT5NCU #HIPAA #ONC #OCR
    0 pointsBadges:
    report
  • Jenny Laurello
    Calls for stricter penalties in light of UCLA data breach http://t.co/tjVOXVxu #HealthIT #EHR #HITsm #HIPAA #hcsm
    0 pointsBadges:
    report
  • Patric Kane Williams
    Calls for stricter penalties in light of UCLA data breach http://t.co/tjVOXVxu #HealthIT #EHR #HITsm #HIPAA #hcsm
    0 pointsBadges:
    report
  • Data Breaches: A Growing and Alarming Trend and a Potential Safe Harbor : HEALTH REFORM WATCH
    [...] panel, both voiced their concern over patient privacy protection and the current regulatory scheme. Senator Franken has said that he is contemplating legislation to encourage encryption by providers, although no [...]
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: