No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
    • On-Demand Webinars: Earn CEUs
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
    • On-Demand Webinars: Earn CEUs
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Compliance

Survey: Majority Admit Missing Key Piece of HIPAA Compliance

Nearly halfway through 2022, casual poll shows many organizations may fail to prioritize annual security risk analysis

by Corporate Compliance Insights
June 8, 2022
in Compliance
medical records hipaa

While an annual security risk analysis is considered foundational for HIPAA compliance, a majority of respondents to a casual survey admit failing to prioritize this critical task.

A recent poll of webinar attendees found that barely one-third may be fully HIPAA compliant, based on responses to a single question: “Have you completed your HIPAA Risk Analysis for this year?”

Conducting an annual security risk analysis is one of the foundational requirements of HIPAA compliance. Still, only about 34 percent of participants in the poll conducted by Compliancy Group said they’d completed their HIPAA risk assessment for this year — nearly halfway through 2022.

Liam Degnan, director of strategic initiatives for Compliancy Group, said he does not find the numbers surprising. 

“Look at the statistics of HIPAA violations and fines. You can trace an overwhelming majority of them directly to the failure to conduct or complete a security risk analysis,” Degnan said. “When properly done, this analysis provides a snapshot of an organization’s current state of compliance so that gaps can be identified and remediated. The government demands that it be done every year because it serves as a measuring stick of what is being done. It is an essential part of building the case that an organization is making a good faith effort to comply with the HIPAA laws.”

The results from this survey are echoed by Ryan Smith, director of sales and customer success for Rigid Bits, a managed security service provider and cybersecurity firm.

“I talk to so many people who swear they’re HIPAA compliant, but 99 percent of them are not,” Smith said.

Considering ongoing threats from organized cybercriminals in Russia, China and North Korea, achieving HIPAA compliance is considered a minimum step for healthcare providers or vendors to secure a patient’s protected health information.

According to the Department of Health and Human Services (HHS), breach reporting portal (a.k.a. The Wall of Shame) breaches have exposed at least 10.6 million patient records through the first five months of 2022. This total includes incidents involving breaches affecting 500 or more records per incident.

The regulations and expectations are the same for every healthcare provider, insurance company or vendor serving them who creates or possesses protected health information. The one-doctor practice in rural America and a regional medical system serving a metropolitan area must meet the same standard. The way each achieves that standard can and does vary wildly.

“There are two key points that you must understand if you have to be HIPAA compliant. First, it’s a journey, not a destination. You must continue to conduct risk assessments, train employees and update policies and procedures to reflect what you are doing to meet the seven fundamental compliance elements,” said Marc Haskelson, chief executive officer of Compliancy Group.

“Second, one size fits all doesn’t truly fit anyone. The law requires you to tailor your compliance strategy to your organization’s operation. Two practices with the same number of patients, in the same city, offering the same services may not run their practices in the same manner,” Haskelson said.

A total of 146 respondents participated anonymously in the survey, which was conducted on May 20 during Compliancy Group’s “6 Secret Ingredients to HIPAA Compliance” webinar. 

 

This non-sponsored article was prepared with material provided by Compliancy Group.
Since 2005, Compliancy Group has been committed to simplifying and verifying the HIPAA Compliance process for small and mid-sized Covered Entities and Business Associates. The company’s web-based software solution “The Guard” coupled with live guided coaching allows clients to automate 86% of the administrative tasks associated with HIPAA compliance. 


Tags: HIPAARisk Assessment
Previous Post

5 Reasons Why Compliance Alone Is Not Efficient at Reducing Cyber Risks

Next Post

Beware of Danger: In the Zoo of Risk, Organizations Must Prepare for Anything — Especially Disruptors

Corporate Compliance Insights

Corporate Compliance Insights

Corporate Compliance Insights

Related Posts

dumb money movie collage

Can We Teach Old Watchdogs New Tricks?

by Matt Smith
September 13, 2023

“Dumb Money,” which opens in theaters later this month, tells the story of how retail investors turned GameStop, a struggling...

brushes stacked on paint can

In De-Risking, Are Financial Institutions Painting With Too Broad a Brush?

by John Calderon
September 4, 2023

Financial institutions have increasingly embraced the practice of de-risking as part of their AML strategies. This approach involves reducing or...

Medical professional enters information into electronic medical record

Navigating HIPAA Compliance in the Cloud: Is Google Workspace the Right Fit?

by Nick Harrahill
August 15, 2023

By 2025, an estimated 85% of enterprises will shift to a cloud-first mindset, while others will adopt a hybrid approach...

medical record stethoscope

Survey: Consumers Don’t Trust Big Tech to Handle Their Health Data

by Staff and Wire Reports
July 27, 2023

The number of healthcare data breaches in the U.S. has doubled over the past three years, according to a report...

Next Post
deloach zoo of risk

Beware of Danger: In the Zoo of Risk, Organizations Must Prepare for Anything — Especially Disruptors

Available SQ
New call-to-action

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment Sanctions SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2023 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
    • On-Demand Webinars: Earn CEUs
  • Subscribe

© 2023 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT