HIPAA Handbooks

  • Privacy and security training for new and seasoned staff
  • 11 staff/setting focus areas
  • Education on protecting PHI
  • New HITECH Act changes
  • Discounts on bulk purchases



  • Role-based training using real-life case scenarios
  • Test-your-knowledge exercises with remediation
  • Post-course test to document staff participation


Other HIPAA Resources

  • Hot-topic audio conferences
  • Books on privacy and security
  • Newsletters
  • e-Newsletter
  • Videos



Large patient information breach reports decrease over last 14 months

Email This Post Print This Post

The number of entities reporting breaches of unsecured PHI affecting at least 500 individuals to the Office for Civil Rights (OCR) each month has declined by about a third in the last 14 months.

OCR, the enforcer of the HIPAA privacy and security rules, has published 435 reports of such breaches as of this week. The government has published 170 reports in the last 14 months, or an average of 12 cases per month. In the first 15 months since OCR began posting breaches per a HITECH Act requirement in February of 2010, OCR posted about 18 reports each month, or a little more than one every other day.

Among the list of violators are six in the million-breach club, or those who reported breaches affecting more than 1 million patient records. That club is led by TRICARE Management Activity, whose loss of backup tapes September 13, 2011, affected 4,901,432 records.

Health insurance giant Health Net, Inc. earned the second spot as the largest on the list after it reported its potential breach affecting the health records of 1.9 million past and current enrollees to OCR in March. On the Health Net report, the “type of breach” is “unknown,” and the “location of breached info” is listed as “other.”

Leave a Reply