HHS Reports on HIPAA Compliance and Areas That Need Improvement

By: Cristina N. Hyde, JD

On February 17, 2023, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) shared two Reports to Congress for 2021 on HIPAA Privacy, Security, and Breach Notification Rule Compliance  and Breaches of Unsecured Protected Health Information.  The purpose of supplying this information was to assist in the compliance efforts of covered entities by sharing data regarding potential violations and the steps that were taken to investigate those complaints as they relate to current HIPAA rules and regulations.

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was established to create federal protections for maintaining the privacy and security of protected health information (PHI) and give individuals rights with respect to the disclosure of that information. However, according to the reports, there have been significant increases in HIPAA complaints and large breaches reported from 2017-2021.  To address areas of concern, the reports include specific information relating to:

  • Numbers of HIPAA cases investigated and the methods by which they were resolved.
  • Numbers of reported breaches of unsecured protected health information and action steps taken in response to those breaches.
  • Areas in need of improvement such as risk analysis and risk management.

Overall, despite reporting steps already taken to increase public outreach and awareness, the reports recommend that additional strategies are necessary to improve compliance with HIPAA.

Campanella Law Office recognizes the importance of patience privacy and offers a complimentary on-line HIPAA risk assessment through its strategic partner, The Garlick Group.

Campanella Law Office also offers a package of services to ensure HIPAA compliance.  If you would like assistance reviewing your HIPAA compliance procedures or have any questions related to the protection of protected health information, contact us.

Comments are closed.