National survey shows 85 percent of hospitals are not compliant with the HITECH Act; 41.5 percent have 10 or more breaches annually; and possible ID fraud going uninvestigated
FRAMINGHAM, Mass.--(BUSINESS WIRE)-- Identity Force today released its Spring 2010 National Survey of Hospital Compliance Executives. More than 200 compliance executives from AHA member hospitals in 43 states indicated data breaches and medical identity theft continue to grow despite new regulations like the Red Flag Rules and the HITECH Act, designed to protect against the theft and loss of personal information.
“It turns out that addressing the problems of data breaches and medical identity theft is proving more complex and time-consuming than hospitals counted on. It’s interesting that many compliance experts now call into question whether or not even the new Healthcare Reform Law will ultimately help on these issues,” said Steven Bearak, CEO of Identity Force. “We are simply copying, digitizing and disseminating personal information faster than we can control it.”
Highlights of the survey:
PROBLEMS ARE WORSENING DESPITE MAJOR REGULATORY EFFORTS
41.5% of hospitals have TEN OR MORE data breaches each year – a 120.7% increase over last year’s survey. Currently, over 20% percent of hospitals have twenty or more breaches annually.
INSIDERS NOT OPTIMISTIC HEALTHCARE REFORM WILL HELP
56.3% of hospital compliance officers believe that the new health care reform law will either have no change or will increase medical identity theft at their institutions.
INVESTIGATION OF FRAUD IS SURPRISINGLY LOW
Despite the fact that medical identity theft is the fastest growing form of identity fraud, 71.4% of hospitals on average investigate fewer than 50 cases of possible misuse of identity annually, and over 34% still do not keep good patient ID records.
TIMELINESS OF COMPLIANCE IS POOR
To date, only 15.7% of hospitals feel they are in compliance with the HITECH Act, which went into effect in February 2010. This lack of compliance mirrors last year’s slow compliance efforts regarding the FTC’s Red Flags Rule.
SECURITY OF THIRD PARTIES IS AN UNKNOWN
48.3% of hospitals do not know if their vendors and business associates are in compliance with the HITECH Act.
“Hospitals must expand their activities from tactical triage to strategic action,” explained Bearak. “Successful organizations will implement organization-wide training programs that create a ‘Breach-Free Culture’ and help eliminate patient ID misuse and fraud. These programs usually pay for themselves many times over by lowering risk and making breaches much less frequent. Avoiding one substantial breach can save millions of dollars in costs.”
About Identity Force
Identity Force is a leading provider of complete, 360° proactive identity theft protection for individuals, businesses and government agencies. Identity Force was launched in 2005 as a response to the dramatic increase in identity theft crimes in the United States. A division of Bearak Reports, Inc. which was founded in 1992, Identity Force draws on broad, deep expertise in information verification services for its complete, proven approach to identity theft protection. For more information about Identity Force, call 1-877-IDFORCE or visit www.identityforce.com.
For Identity Force
Derek Beckwith, 617-331-3567
KEYWORDS: United States North America Massachusetts
INDUSTRY KEYWORDS: Technology Data Management Security Health Hospitals Other Health