Watchdog Says Government Failing To Enforce HIPAA Privacy Protections

The Government Accountability Office (GAO) is warning that the U.S. government hasn’t lived up to promises to protect the privacy of Medicare patients who use the federal government’s Prescription Drug Benefit and not following through on promises to audit organizations that store patient health information.

The U.S. Department of Health and Human Services (HHS) this week announced that the University of California at Los Angeles Health Services (UCLAHS) has agreed to pay a $865,000 fine and pledged to tweak their infrastructure after potentially breaking the Health Insurance Portability and Accountability Act (HIPAA).

Officials from the Department of Health and Human Services’ Office for Civil Rights have revised their list of healthcare information breaches over the past month to include 16 additional incidents, according to a GovInfoSecurity.com report.

The health care industry’s toothless tiger finally bared its teeth, as the U.S. Department of Health and Human Services issued a $4.3 m fine to a Maryland health care provider for violations of the HIPAA Privacy Rule. The action is the first monetary fine issued since the Act was passed in 1996. 

From SC Magazine (Angela Moscaritolo)

Two new rules were created this week requiring health care organizations, and other entities that interact with personal health records (PHRs), to issue notifications in the event of a data breach.

The key rule, issued Wednesday by the U.S. Department of Health and Human Services (HHS), requires health care organizations subject to Health Insurance Portability and Accountability Act (HIPAA) regulations to notify individuals whose information has been breached, when the breach affects more than 500 individuals. Breaches affecting fewer than 500 individuals must be reported to the HHS annually. Read the full story [scmagazineus.com] 

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.