Friday July 30, 2010
BridgeFront - http://www.hipaarx.net & Regulatory Compliance Products - HOME
  
Search

 
HIPAA FLASH NEWS STORY Share
In this HIPAA Flash Edition

1) HHS Breach Site Grows to 100 Companies - [Full Story]
2) Study: Health Data Leaks Still an Issue
3) Crack Down on EHR Breaches - [Full Story]
4) Compliance Programs Integral to Curb Fraud - [Full Story]
5) Patient Speaks Out After Data Breach - [Full Story]

Study: Health Data Leaks Still an Issue after New HITECH Rules

Nearly eight months after the HITECH Act was enacted, organizations continue to leak sensitive health care data via peer-to-peer networks, according to a study by Dartmouth College's Tuck School of Business, Computerworld reports.

The HITECH Act -- part of the 2009 federal stimulus package -- requires organizations handling health data to implement stronger controls for protecting such information and publicly disclose security breaches within 60 days. The law also expands the number and type of organizations that must adhere to HIPAA privacy rules and imposes penalties for violations. According to Computerworld, data leaks occur when P2P sites' file-sharing software is improperly installed on a computer storing sensitive data.

Study Findings

For the study, researchers scoured several P2P networks for documents containing health care-related keywords. The files then were examined and rated on a three-point scale depending on the sensitivity of the data.

According to the researchers, health information was as easily accessible on P2P networks as it was before the implementation of the HITECH Act.

The study found that more than 20% of the documents contained data protected under HITECH rules. Researchers also found that information often was kept in unprotected spreadsheets and documents (Vijayan, Computerworld, 5/17).

iHealthBeat
May18, 2010

The HIPAA Flash is an opt-in HIPAA newsletter. The content is for informational purposes only. Nothing herein constitutes legal advice - if you need legal advice, please consult a competent attorney.

BridgeFront is your best source for compliance workbooks, online training, disclosure tracking systems, network scanning tools, backup facilities, certifications, consulting ... HIPAA from A to Z. For the most complete suite of HIPAA compliance products and services available, visit: www.BridgeFront.com.

BridgeFront also provides training in OSHA, JCAHO, Nurse CE, Long Term Care, Revenue Cycle Management and much more. For more information, contact us by calling 866-447-2211 or send an email to info@bridgefront.com.
©® 2002-2010 BridgeFront