Tuesday, March 5, 2024
HomeHealth LawHHS OCR Delivered Annual Experiences to Congress

HHS OCR Delivered Annual Experiences to Congress


In February, when the U.S. Division of Well being and Human Companies (HHS) Workplace for Civil Rights (OCR) delivered two annual studies to Congress for the 2021 calendar yr as mandated by the HITECH Act, a number of notable takeaways have been uncovered. By offering knowledge on enforcement actions and perception into areas of noncompliance, the studies help HIPAA entities to mitigate threat, prioritize compliance efforts, and promote business accountability.

The primary report summarized HIPAA enforcement actions undertaken by OCR in 2021 in addition to the outcomes of the investigations (the “Compliance Report”). The second report supplied perception into breaches of unsecured protected well being info (PHI) and actions taken in response to these breaches (the “Breach Report”).

Key Takeaways from The Compliance Report:

  • In 2021, OCR acquired over 34,000 new complaints: a 25% enhance from 2020
  • Over three-quarters of those complaints have been resolved earlier than initiating an investigation
  • Regardless of the rise, solely 13 resulted in Decision Agreements/Corrective Motion Plans
  • Quite a few outreach actions have been used to coach entities, specializing in pandemic initiatives, like telehealth
  • The highest 5 points alleged have been associated to (1) Impermissible Makes use of and Disclosures; (2) Proper of Entry; (3) Safeguards; (4) Administrative Safeguards pursuant to the HIPAA Safety Rule; and (5) Breach-Discover to People
  • On account of an absence of sources, OCR didn’t provoke any 2021 audits.

Key Takeaways from The Breach Report:

  • OCR acquired 609 notifications of breaches that impacted 500 or extra people
  • This was a 7% lower from 2020, however affected greater than 37 million people
  • Hacking remained essentially the most prevalent trigger for some of these breaches, comprising 75% of the reported breaches
  • There have been greater than 63,000 studies of breaches affecting fewer than 500 people
  • OCR resolved two breach investigations with decision agreements, corrective motion plans, and financial funds totaling $5,125,000.

Each studies included case analyses and summaries of settlement phrases, revealing macro-level developments. Healthcare is a posh, various, and quickly evolving business, with 2022 and 2023 already seeing new priorities associated to AI and web-tracking and digital care issues on the rise.

RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Recent Comments