Part B Insider (Multispecialty) Coding Alert

Published on Fri Aug 12, 2011 PDF

Plus: Federal healthcare prosecutions could rise by 85 percent this year.

Just because HIPAA breaches don't make the nightly news doesn't mean they aren't happening--and in large numbers, a new report indicates.

The HHS Office of Civil rights received 207 reports of HIPAA breaches that involved 500 or more individuals during 2010, which resulted in about 5.4 million individuals being affected by large breaches, according to the Annual Report to Congress on Breaches of Unsecured Protected Health Information, which was released last week.

The top five causes of incidents were theft, loss of electronic media or paper records containing protected health information (PHI), unauthorized access to use (or disclosure of) PHI, human error, and improper disposal.

The largest reported theft affected approximately 1.9 million individuals, and involved the theft of backup tapes that contained electronic medical records that were being transported to a vendor's site. Many of the additional breaches involved the theft of laptops.

Smaller breaches: More than 25,000 incidents of smaller breaches (each affecting fewer than 500 individuals) were reported to HHS in 2010, most of which involved misdirected communications--for instance, a fax with test results was mistakenly sent to the wrong person, the report indicates.

In response to the breaches, medical practices tightened up their security systems to ensure that future issues don't occur. To read the complete report, visit www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/breachrept.pdf.