Corporate Compliance

Large patient information breach list reaches 265

Compliance Monitor, May 4, 2011

The number of entities reporting breaches of unsecured PHI affecting at least 500 individuals to the Office for Civil Rights (OCR), the enforcer of the HIPAA privacy and security rules, reached 265 as of Monday, May 2.

By the middle of March, 249 entities had reported breaches, meaning there have been 16 in the last 45 days, which is behind the pace set since OCR began posting the breaches more than a year ago.

OCR, per a provision in the Health Information Technology for Economic and Clinical Health (HITECH) Act, began posting the entities and information about their large breaches in February 2010. In 15 months there has been an average of about 18 reports per month – or a little more than one every other day.

Health insurance giant Health Net, Inc., earned top billing on the list after it reported its potential breach affecting the health records of 1.9 million past and current enrollees.

Most Popular