[ Monday, February 22, 2010 ]


Publicly-Disclosed Data Breaches: As you should know, the data breach reporting requirements have been effective since September; if you're a covered entity and suffered a data breach, you needed to report to the individual and, if it involved 500 or more people, to HHS and the local media. HHS is then obligated to annually post the data breaches reported to it.

And now they have. Check out the data breaches. What strikes me is what I've always called the "crackhead" issue -- see how many are computer thefts. I'd bet every one of those resulted in no disclosed information, since all of those computers were probably immediately scrubbed of any information so they could be fenced.

UPDATE: not everyone is pleased with the level of detail provided by HHS in its report.

Jeff [9:25 PM]

Some stats on the breaches can be found here:

Stats on breaches
Post a Comment
http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template