News Stay informed about the latest enterprise technology news and product updates.

Even HIPAA auditors can have a health care data breach

Since the Office for Civil Rights (OCR) began publishing information on health care data breaches affecting 500 or more individuals on its website, 300 breaches have been reported. Two of those data breaches were reported by KPMG, LLP, as a business associate to the New Jersey health care system.

The breach occurred in June 2010, when a KPMG employee lost an unencrypted flash drive that may have contained a list with some patient names and information about their care. Eight months later, KPMG was chosen by OCR to develop a HIPAA auditing protocol and conduct audits on 150 covered entities and business associates before Dec. 31, 2012.

Considering encryption is one of the most important tools in avoiding a health care data breach, it’s surprising that a HIPAA auditor would be using an unencrypted device, even if KPMG was not an auditor at the time of the breach. KPMG said it would implement improved security measures to avoid future breaches. Hopefully those improved security measures include the use of encrypted flash drives.

Most health care organizations are becoming keenly aware of the need to keep mobile devices secure. SearchHealthIT’s recent security and privacy report shows that encryption and mobile device security ranked highest among the technologies that health IT professionals plan to purchase in the next year to help their organization achieve HIPAA compliance. Survey respondents also reported that the weakest link in hospital patient data security is staff who leave laptops or records in open areas.

Join the conversation

10 comments

Send me notifications when other members comment.

Please create a username to comment.

Even HIPAA auditors can have a health care data breach http://t.co/A6Yxhz2 (from @HITExchange
Cancel
RT @nursingpins: Even HIPAA auditors can have a health care data breach http://t.co/A6Yxhz2 (from @HITExchange
Cancel
Even #HIPAA auditors can have a health care data breach http://t.co/nAurwR6 #HealthIT #EHR #EMR #HITPol #HITsm
Cancel
Even #HIPAA auditors can have a health care data breach http://t.co/nAurwR6 #HealthIT #EHR #EMR #HITPol #HITsm
Cancel
Even #HIPAA auditors can have a health care data breach- #encryption is most important tool to avoid a #databreach http://t.co/CwMID5G
Cancel
Encryption is key to securing #mobile #healthcare devices & #patient data (Via @SearchHealthIT) http://t.co/NOuiXja
Cancel
Even HIPAA auditors can have a health care data breach - Health IT Pulse http://t.co/0FmWCnX
Cancel
Even HIPAA auditors can have a health care data breach - Health IT Pulse http://t.co/fbo6PG7Z
Cancel
#KP&G, OCR's own chosed auditor, has it's own breach through (horrors) an #unecrypted flash drive! http://t.co/buYRAwou
Cancel
#KP&G, OCR's own chosed auditor, has it's own breach through (horrors) an #unecrypted flash drive! http://t.co/buYRAwou
Cancel

-ADS BY GOOGLE

SearchCompliance

SearchCIO

SearchCloudComputing

SearchMobileComputing

SearchSecurity

SearchStorage

Close