A recent national survey* of Hospital Compliance Officers shows concrete data confirming what we see every day in private practices.
Compliance with HIPAA is miserably low.
Some survey numbers are below, but first some clarity.
This survey was of hospitals.
More specifically, large organizations that have lots of money to pay people,
like Hospital Compliance Officers, to ensure they are in compliance with HIPAA regulations.
I say again:
- Large organizations
- Staff charged with HIPAA compliance
These are not private practices who don’t have proper training,
who are already too busy and who feel like they don’t have the
resources to comply. If hospitals with paid compliance officers
can’t get this right, then you shouldn’t feel bad that you don’t
have it right…or at least that you are unsure as to whether you have it right.
If the point hasn’t been made clearly yet, then:
Get Your Act Together Now!
OK, a few numbers:
- Only 15.7% of hospitals feel they are in compliance with HIPAA or the HITECH Act, which went into effect in February 2010.
- 48.3% of hospitals do not know if their vendors and business associates are in compliance with the HITECH Act.
From our dealings with private practices, the first bullet is right in line with what we see.
I typically state that 80%+ of all medical practices are not in compliance.
Yet, I have 100% confidence we could walk into your medical practice and
show that YOUR medical practice is not in compliance with HIPAA or the HITECH Act.
That second bullet is way low for the private medical practice world.
The number of medical practices using an Associate’s Agreement is easily under 10%.
Remember, an Associate’s Agreement is a risk reduction document for YOU.
*The survey was taken by IdentityForce, a provider of identity theft solutions.