DRJ Fall 2019

Conference & Exhibit

Attend The #1 BC/DR Event!

Fall Journal

Volume 32, Issue 3

Full Contents Now Available!

Friday, 02 August 2019 13:10

Recent HIPAA Settlements Highlight The Weaknesses In Healthcare Security

Hindsight is 20/20; it’s easy to look back on past mistakes and identify ways to prevent them from reoccurring, especially when it comes to breaches reported on the Office for Civil Rights’ (OCR) “wall of shame.” To better serve our healthcare provider clients, we recently looked back at the past year of Health Insurance Portability and Accountability Act (HIPAA) settlements and identified what went wrong in 10 of the reported breaches, then pulled key takeaways for other healthcare providers to learn from. Our analysis is summarized in the just-published “Lessons Learned From The Latest HIPAA Security And Privacy Incidents,” available to our clients today.

What did we learn?

Hacking Incidents Were The Top Cause Of HIPAA Breaches In 2018

Healthcare security teams have worked hard to improve their security fundamentals, prompting increasing security budgets and adoption of basic security tools. In the past, device loss and theft were top causes of HIPAA settlements, but this is no longer the case as healthcare providers mature their security practices (see figure). We now see hacking/IT incidents as the top cause of breaches leading to HIPAA investigations.