Survey: Delayed Compliance with New Regulations Has Increased Data Breaches and Medical Identity Theft in U.S. Hospitals
Although some will tend to minimize survey results when the surveyor has a self-serving interest, the results of the recent Identity Force survey of over 200 hospital administrators provides unsurprising, yet troubling, data. From their press release about the survey:
PROBLEMS ARE WORSENING DESPITE MAJOR REGULATORY EFFORTS
41.5% of hospitals have TEN OR MORE data breaches each year – a 120.7% increase over last year’s survey. Currently, over 20% percent of hospitals have twenty or more breaches annually.
INSIDERS NOT OPTIMISTIC HEALTHCARE REFORM WILL HELP
56.3% of hospital compliance officers believe that the new health care reform law will either have no change or will increase medical identity theft at their institutions.
INVESTIGATION OF FRAUD IS SURPRISINGLY LOW
Despite the fact that medical identity theft is the fastest growing form of identity fraud, 71.4% of hospitals on average investigate fewer than 50 cases of possible misuse of identity annually, and over 34% still do not keep good patient ID records.
TIMELINESS OF COMPLIANCE IS POOR
To date, only 15.7% of hospitals feel they are in compliance with the HITECH Act, which went into effect in February 2010. This lack of compliance mirrors last year’s slow compliance efforts regarding the FTC’s Red Flags Rule.
SECURITY OF THIRD PARTIES IS AN UNKNOWN
48.3% of hospitals do not know if their vendors and business associates are in compliance with the HITECH Act.
You can get a free copy of their entire report, Spring 2010 National Survey of Hospital Compliance Executives, here.