A friend recently told me that the Health and Human Services Data Breach Notification web site has moved and has been improved.  I’ve been so darn busy, I missed it and for some reason Kathleen Sebilius didn’t give me a ring to let me know — what’s up with that!?  In the past, I had dubbed it the ‘Wall of Shame”.

Here’s what’s new:

  1. The new location is: https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf
  2. The web site is dynamic and fun!  One can download the contents in CSV or XML format.  One can sort and filter on all the fields.
  3. The obscure protection that doctors once enjoyed by being listed as “Private Practice” is now gone — lots of doctors names now appear.

Take a gander!  As of this writing, 166 Covered Entities have breached the Protected Health Information (PHI) of ~4.9 million fellow Americans — according to wikipedia, based on 2000 census data, that’s the equivalent of breaching the PHI of the combined populations of Chicago and Houston!  Way to go CEs.  And, don’t forget the “fox in the hen house” phenom given the current “harm threshold” in the current interim rule.

If you’re trying to figure out where you stand on your HIPAA HITECH regulatory compliance journey or need help getting there, please keep us in mind.


Clearwater Compliance

Clearwater Compliance helps healthcare organizations ensure patient safety and improve the quality of care by safeguarding the confidentiality, integrity and availability of protected health information (PHI).

We have assisted more than 400 customers to operationalize and mature their information privacy, security, compliance and information risk management programs. And in the process, we are raising the bar for safeguarding PHI, protecting millions of Americans and driving real value for the organizations we support and the healthcare industry at large.