According to a national survey conducted by HIMSS Analytics (Chicago) and commissioned by ID Experts (Beaverton, Ore.), 68 percent of all hospitals believe the HITECH Act’s expanded breach notification requirements will result in the discovery and reporting of more incidents.
Findings from the study, which aimed to assess the state of healthcare vulnerability to data breaches, indicate that business associates are largely unprepared to meet the new data breach related obligations included in HITECH. According to the results, approximately one-third of business associates surveyed were not aware that they need to adhere to federal HIPAA privacy and security requirements, compared to 87 percent of health providers.
On the hospital and health provider side, 85 percent said they will take steps to ensure that data held by business associates will not be breached, and 47 percent said they would terminate their contracts with their business associates for violations.
To view the complete HIMSS Analytics survey, Evaluating HITECH’s Impact on Healthcare Privacy and Security, click here.
Grand Prairie, Texas-based Rainbow Children's Clinic was the victim of a ransomware attack on its IT systems in August, affecting more than 33,000 patients, according to multiple news media reports this week.