OCR Reports 107 Breaches Affecting Over 4 Million Individuals (I)

As of the July 4th holiday weekend, the Office for Civil Rights (OCR) has updated again its Web site listing of breaches affecting 500 or more individuals.  As of July 2, 2010, there were 107 breaches listed that were reported to have occurred between September 22, 2009 and June 11, 2010. Individuals affected by these publicly listed breaches totaled 4,086,980.  Six of the 107 breaches, or 5.6% of the total, affected 3,353,627 individuals, or 82% of the total.  This is the first of three postings that analyzes the data from these 107 breaches.  This posting (I) covers electronic breaches, the next posting (II) covers hard copy (paper) breaches, and the…

READ MORE

Physical Safeguard Standard, Workstation Use-What to Do and How to Do It

In our series on the HIPAA Administrative Simplification Security Rule, Workstation Use is the second Physical Safeguard Standard.  There is no defined implementation specification for this standard.  Implementation of policies and procedures pertaining to this standard are required.  As we have noted in earlier postings on HIPAA.com, business associates of covered entities will be required to comply with the Security Rule safeguard standards, beginning February 17, 2010.  This requirement is one of the HITECH Act provisions of the American Recovery and Reinvestment Act (ARRA), signed by President Obama on February 17, 2009. What is Required A covered entity must implement policies and procedures that specify the proper functions to be…

READ MORE