1)  Senators Introduce Stringent Health Records Privacy Bill - [Details]
2)  Hard Times On The HIPAA Front - [Details]
3)  Medical IT Contractor Folds After Breaches - [Details]
4)  Official: Don't Reinvent the Wheel As National IT Network Progresses - [Details]
5)  GAO Report: Health Care Privacy Breaches Common - Current Article

A Government Accountability Office report released on Tuesday finds that more than 40% of federal health insurance contractors and state Medicaid agencies in the past two years have experienced a privacy breach involving personal health data, InformationWeek reports.

The GAO report, "Domestic and Offshore Outsourcing of Personal Information in Medicare, Medicaid and TRICARE," finds that contractors and agencies that experienced privacy breaches collectively have access to medical data for more than 100 million U.S. residents.

The report also finds that more than 90% of Medicare contractors and state Medicaid agencies and 63% of TRICARE contractors reported some domestic outsourcing last year, which usually involved between three and 20 vendors (Claburn, InformationWeek, 9/5).

Out of the 378 contractors and agencies surveyed, 33 Medicare Advantage contractors, two Medicare fee-for-service contractors and one Medicaid agency reported that their domestic vendors had transferred some work to offshore organizations, Modern Healthcare reports. However, the report states that the "extent of offshore outsourcing by vendors may be understated because many federal contractors and agencies did not know whether their domestic vendors transferred personal health information to their locations or vendors."

Privacy problems also might be underestimated because of differences in the federal programs' reporting requirements. The TRICARE Management Activity, which oversees the TRICARE program, requires its contractors to report privacy breaches each month. CMS requires Medicare fee-for-service contractors to report privacy breaches within 30 days of detecting a breach, but it does not require Medicare Advantage contractors or state Medicaid agencies to report privacy breaches, according to GAO (Conn, Modern Healthcare, 9/6).

GAO recommends that privacy breach reporting requirements be extended to include other Medicare contractors and state Medicaid agencies that handle personal health data (InformationWeek, 9/5).

HIPAA Solutions Rx is your best source for compliance workbooks, online training, disclosure tracking systems, network scanning tools, backup facilities, certifications, consulting ... HIPAA from A to Z. For the most complete suite of HIPAA compliance products available, visit us at: http://www.hipaarx.netor call us at 1-866-447-2211.

HIPAA Solutions is a BridgeFront Company. For training in OSHA, JCAHO, Nurse CE, Long Term Care, Revenue Cycle Management and much more, visit http://www.bridgefront.com.