GAO report gives security recommendations

A new report examined the role of HHS security in recent years.

A new report focused on what the HSS can do to improve health security processes.
October 13, 2016

Following the various HIPAA rules laid out by the government has been a main pillar of hospital security for years. However, because of electronic healthcare breaches, hospitals may face challenges that the current rules don't adequately cover. This August, the Government Accountability Office released a report asserting that the Department of Health and Human Services "Needs to Strengthen Security and Privacy Guidance and Oversight."

While the report acknowledged the benefits of electronic health information, it also addressed the "fragmentation" within the industry, raising the possibility of risks. Using HHS data, the report also noted that the number of reported health IT breaches affecting the records of at least 500 people has actually increased, from 0 in 2009 to 56 last year. 2015 also included more than 113 million compromised records in this level of breach.

"The number of reported health IT breaches affecting the records of at least 500 people has increased."

Hospitals know the differences between the HIPAA Privacy and Security Rules, both of which have been published for more than 10 years. In light of several recent breach events, the source made several recommendations for the HHS. These range from improving the assistance it provides to covered entities to gauging its audits effectively with new metrics.

HIPAA not only has to evolve to meet new breach threats, but new technology as well. Earlier this month, HHS released cloud guidance for using health data in these digital spaces. According to FCW, HIPAA strictures can still apply to cloud vendors that encrypt their data, which may not be a foolproof protection against malware.

PROMEDICAL is a national healthcare revenue cycle management company. Since 1995, we have provided the healthcare community with a client- focused, technology driven, revenue cycle partner.  Our third party liability solutions include workers compensation and motor vehicle accident billing.  A partnership with PROMEDICAL ensures proper reimbursement, timely resolutions and increased cash.