HIPAA benchmarking survey reveals trends about reportable breaches
Physician Practice Insider, March 10, 2015
In early 2014, HCPro’s Medical Records Briefing (MRB) newsletter conducted a HIPAA benchmarking survey to gauge compliance with the HIPAA Omnibus Rule shortly after its September 23, 2013 implementation date. This year, MRB asked healthcare professionals to give us an update on their HIPAA compliance more than one year after implementation.
With the March 1 deadline for reporting breaches of protected health information (PHI) to HHS just around the corner, it seemed appropriate to ask respondents about breach notification. The percentage of respondents who said their organizations experienced a HIPAA breach in the past two years remained at 55% from 2014 to 2015.
However, more than half of respondents (54%) said their organizations have not experienced an increase in reportable breaches and do not anticipate an increase. Some of this may be related to how organizations define a breach. In fact, one respondent said that his or her facility struggled most with determining whether an incident is a reportable breach.
The HIPAA Omnibus Rule eliminated the harm threshold and expanded the definition of a breach to include all PHI that is compromised, which some industry experts predicted would lead to an increase in reportable breaches. The expansion of the definition of a breach may explain why some respondents say they have not experienced a breach in the last two years, says Chris Simons, MS, RHIA, HIM director and privacy officer at Cheshire Medical Center in Keene, New Hampshire. “I suspect they are not using the Omnibus standard for determining a breach, but instead relying on the old assessment of potential harm,” Simons says.
This article originally appeared in HIM-HIPAA Insider.
Related Products
Most Popular
- Articles
-
- Don't forget the three checks in medication administration
- CDC alert: Screen for international travel as Ebola cases increase
- Complications from immobility by body system
- Note similarities and differences between HCPCS, CPT® codes
- Q&A: Primary, principal, and secondary diagnoses
- The consequences of an incomplete medical record
- Nursing responsibilities for managing pain
- Practice the six rights of medication administration
- OB services: Coding inside and outside of the package
- Differentiate between types of wound debridement
- E-mailed
-
- CDC alert: Screen for international travel as Ebola cases increase
- Capturing start and stop times for infusions
- Differentiate between types of wound debridement
- Q&A: Utilization Review Committee Membership
- Life Safety Code Q&A: Ambulatory care soiled utility room
- Leadership training for charge nurses
- Helping Charge Nurses understand their leadership role (Part 2 of 3)
- Five ways to safeguard your patients' valuables
- Developing a Fall-Prevention Program
- Searched