Help

BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.

To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.

To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.

Login Register Subscribe

Breaches among health care entities, associates soar: GAO

Reprints
breaches

Hijacking and information technology incidents reported to the Department of Health and Human Services’ Office for Civil Rights among covered entities and business associates have increased by 843% between 2015 and last year, says the U.S. Government Accountability Office in a report issued Monday.

The report said there were a total of 1,781 incidents during that period. According to the report, the OCR’s deputy director for health information privacy has said that covered entities and business associates reported email as a common attack vector among the breached. A lack of multifactor authentication was a common factor among entities that experienced a breach, the director reported. 

The GAO also reported that the number of incidents involving unauthorized access and disclosures increased 435% since 2015, to 926.

The report recommends that the HHS Office of Civil Rights, which manages the breach reporting process, develop a “clear mechanism” to provide feedback on the breach reporting process.