I was just reading about how common HIPAA violations are and thought you may be interested.
It is a bit of a running joke about how common HIPAA violations are. Some violations are small affecting only one individual, while others affect thousands. HIPAA violations don’t always have harmful intent behind them either. Keep reading to see some examples of different violations and breaches.
What Happened?
Gateway Rehabilitation Center in Pennsylvania had a data breach. 130,000 individuals were affected and notified of the data breach. The breach took place in June 2022 according to Health IT Security.
Gateway Rehab discovered an “incident disrupting access to certain systems”. Gateway took steps right away to secure its data. Still, information such as names, medical information, and social security numbers were compromised.
When this breach took place providers had 60 days to notify those who were affected. Gateway failed to do so, notifying people on November 18, 2022, created an even further HIPAA violation. However, according to Gateway Rehab, “Gateway Rehab takes the security of its patient information very seriously”… “steps to help prevent a similar event from occurring in the future” have been taken.
Is this Uncommon?
The answer is NO. University Medical Center (UMC) of Southern Nevada recently had a breach. An employee gained access to EHR information and viewed information without an acceptable reason. UMC had to notify 1,861 individuals that their information was compromised in the breach.
Said employee caused the breach between May 19, 2021, and September 22, 2022. Information including but not limited to clinical information, and insurance information was compromised.
UMC does not believe any of the compromised information was used, and it is believed the breach happened without the intent to compromise anyone.
UMC has taken steps to ensure another breach does not happen. Said employee was terminated and new training protocols for current employees.
Another One!
On October 4, 2022, a file containing personal information was distributed. The breach occurred at Yakima Neighborhood Health Services (YNHS). 2,689 individuals’ data was compromised.
“YNHS took steps to ensure the recipient deleted the file from their possession.” Data including their name, medical record numbers, and other information was misused.
YNHS has taken steps in response to this incident. Alterations were made to help prevent similar incidents from occurring in the future.
HIPAA breaches and violations are so common. You need to stay up to date on your rights as a patient, and your responsibility as a provider. Carosh is here to help make being HIPAA compliant easier. If you believe we could help you, please visit the link below.
Resources:
If you want to make sure your practice is HIPAA compliant visit: HIPAA Diagnostic® – Carosh Compliance Solutions
Source:
McKeon, Jill. “Healthcare Data Breach at PA Rehab Center Impacts 130K.” Health IT Security, 22 Nov. 2022, healthitsecurity.com/news/healthcare-data-breach-at-pa-rehab-center-impacts-130k. Accessed 3 Jan. 2023.