• Home
  • Blog
  • Contact
HIPAA ComplianceHIPAA Compliance
HIPAA ComplianceHIPAA Compliance
  • Home
  • Blog
  • Contact

OCR Identifies 36 Entities with Breaches Affecting 500 or More Individuals

March 4, 2010 Health IT and HITECH, Privacy, Security No Comments

On Monday, February 22, 2010, the federal government, through the Office for Civil Rights (OCR) of the Department of Health and Human Services (HHS), began enforcing the Breach Notification Rule for breaches occurring on or after that date.  The Breach Notification for Unsecured Protected Health Information; Interim Final Rule, was published in the Federal Register on Monday, August 24, 2009 [74 FR 42739-42770] and was effective September 23, 2009.  Since September 22, 2009, 36 breaches of privacy or security of protected health information (PHI) affecting 500 or more individuals have been reported to OCR.  The total number of individuals affected was 1,073,657, with two of the breaches involving 359,000 (FL) and 500,000 (TN), as reported.  Seven of the 36 reported breaches involved business associates of covered entities, totaling 118,062, or about 11% of affected individuals.  Twenty-nine of the 36 breaches involved theft (22), unauthorized access (2), or a combination of theft and unauthorized access (5).  Twenty-nine also involved electronic devices or electronic media.  For more information, see the OCR Press Release here.

Tags: 500 or more individualsAugust 24 2009breachbreach notification ruleDepartment of Health and Human Resourceselectronic deviceselectronic mediaFederal RegisterHHSOCROffice for Civil RightsPHIPrivacyprotected health informationSecuritySeptember 23 2009theftunauthorized access
No Comments
Share
0

You also might be interested in

Exploring HIPAA and HITECH Act Definitions: Part 16

Dec 28, 2009

From now through early December, HIPAA.com is providing a run[...]

Prison Time for Privacy Breach of PHI; OCR Breach List Continues to Grow; More Training Needed

Apr 30, 2010

Health Data Management  reported in its April 29, 2010, online[...]

HIPAA Final Rule: Prohibited Uses and Disclosures–Sale of Protected Health Information

Mar 7, 2013

March 7, 2013.  Today, we continue going through the HIPAA[...]

Leave a Reply Cancel Reply

Categories

  • 5010
  • American Recovery and Reinvestment Act
  • Enforcement
  • GINA
  • Health Care Reform
  • Health IT and HITECH
  • HIPAA Law
  • Identifiers
  • Meaningful Use
  • Privacy
  • Red Flags Rules
  • Security
  • Transactions & Code Sets
  • Uncategorized

Recent Posts

  • Contracting with Vendors that are NOT HIPAA Business Associates: Best Practices
  • HIPAA Breach: Who You Gonna Call?
  • Can I Be Sued for a HIPAA Violation?
  • Business Associate Agreements – a First Look at Indemnification
  • Gmail, Google Apps for Business HIPAA Business Associate Agreements

Archives

Contact Us

We're currently offline. Send us an email and we'll get back to you, asap.

Send Message
HIPAA- Health Insurance Portability Accountability Act

© 2023 · hipaa.com

Prev Next