News Stay informed about the latest enterprise technology news and product updates.

Franken wants stricter health care data breach penalties

Two years ago, the HITECH Act toughened health care data breach penalties significantly. It seemed HIPAA finally had enough teeth for the industry to take it seriously.

Perhaps not. More than 360 breaches have been reported to the Department of Health and Human Services (HHS) since September 2009. After the latest, which affected 16,000 UCLA Health System patients, U.S. Sen. Al Franken (D-Minn.) said enough is enough.

Last week Franken, chairman of the Senate Subcommittee on Privacy, Technology and the Law, called for even tougher health care data breach penalties and enforcement rules from the Office for Civil Rights. The OCR told Franken that tougher rules were in the works but couldn’t provide a specific timetable.

That is unfortunate. Health care data breaches are preventable through employee education, HIPAA-mandated security risk assessment and, of course, technology. Encryption, network security, identity management and device management systems all come to mind. Plus, every high-profile health care data breach further erodes public confidence in the use of electronic health records, which, as public opinion suggests, are much easier to steal than a filing cabinet.

Will tougher rules finally give the industry a much-needed kick in the pants? The OCR’s random HIPAA audit program did begin last week, and while it represents the first time the government will proactively evaluate health data security, instead of waiting until a breach has occurred, it’s unclear if the audits will serve as more than “teachable moments.”

By and large, the presence of a police car parked behind the bushes and the threat of a speeding ticket do little to deter speeding. Too much is at stake for health data security to receive a similar brush-off.

Join the conversation

8 comments

Send me notifications when other members comment.

Please create a username to comment.

Al Franken, Stuart Smalley, and health data Deep Thoughts http://t.co/nvnixr6D #EHR #EMR #HIPAA #healthIT
Cancel
Sen. @AlFranken calls for stricter #healthcare #databreach regulations, penalties http://t.co/dOlQ5lMh #HIPAA #ONC #OCR #healthIT
Cancel
Franken says "enough", calls for stricter #healthIT #databreach penalties in light of UCLA breach http://t.co/tjVOXVxu #EHR #HITsm #hcsm
Cancel
RT @searchhealthit: Sen. @AlFranken calls for stricter #healthcare #databreach regulations, penalties http://t.co/vhmT5NCU #HIPAA #ONC #OCR
Cancel
RT @searchhealthit: Sen. @AlFranken calls for stricter #healthcare #databreach regulations, penalties http://t.co/vhmT5NCU #HIPAA #ONC #OCR
Cancel
Calls for stricter penalties in light of UCLA data breach http://t.co/tjVOXVxu #HealthIT #EHR #HITsm #HIPAA #hcsm
Cancel
Calls for stricter penalties in light of UCLA data breach http://t.co/tjVOXVxu #HealthIT #EHR #HITsm #HIPAA #hcsm
Cancel
[...] panel, both voiced their concern over patient privacy protection and the current regulatory scheme. Senator Franken has said that he is contemplating legislation to encourage encryption by providers, although no [...]
Cancel

-ADS BY GOOGLE

SearchCompliance

SearchCIO

SearchCloudComputing

SearchMobileComputing

SearchSecurity

SearchStorage

Close