July 25, 2014

Pursuant to Congressional mandate, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR), the agency charged with enforcing the Health Insurance Portability and Accountability Act (HIPAA), recently issued its Annual Report to Congress on Breaches of Unsecured Protected Health Information (Breach Report) and its Annual Report to Congress on HIPAA Privacy, Security, and Breach Notification Rule Compliance (Compliance Report) for calendar years 2011 and 2012.

Although the information contained in these reports may seem dated (as a lot of HIPAA activity occurred in 2013 and the first half of this year, including the passage of the long-awaited HIPAA Final Rule and several highly-publicized enforcement actions), the reports do provide some helpful insight into risk areas and government enforcement efforts. The reports also serve as yet another reminder to covered entities and business associates to examine their compliance efforts and determine if additional compliance measures are necessary.

To view the full alert, click here.