• Home
• Topics
  • Business and Finance
  • Chronic Disease Care
  • Consumer Information
  • Data Standards
  • EHRs and PHRs
  • Global Health
  • Health Plans
  • Hospitals
  • Meaningful Use
  • Mobile Health
  • ONC
  • Patient Safety
  • Physician Practices
  • Policy
  • Privacy and Security
  • Public Health
  • Telehealth
• Perspectives
  • Current Perspectives
  • Perspectives Archive
• Features
  • Current Feature
  • Features Archive
• Data Points
  • Current Data Point
  • Data Point Archive
• Special Reports
• Most Popular
  • Most Viewed
  • Most Emailed
  • Most Commented

EVENTS

View All Events

FROM THE FOUNDATION

Informing Choices, Improving Outcomes

The California Joint Replacement Registry collects data on device efficacy, surgical techniques, and patient outcomes for hip and knee replacements. A new report details how this CHCF-sponsored effort is faring.

CMS could take steps to better respond to breaches of Medicare beneficiaries' protected health information, according to a report from HHS' Office of Inspector General, Health Data Management reports.

For the report, OIG studied CMS breaches that occurred between Sept. 23, 2009 -- when a new breach notification rule took effect -- and Dec. 31, 2011.

Findings About Data Breaches

During that timeframe, OIG found that CMS experienced 14 breaches affecting 13,775 Medicare beneficiaries. Of those beneficiaries:

• 13,412 were affected by a single breach involving a Medicare summary notice printing error;
• 190 were affected by two incidents in which data were posted online;
• 165 were affected by 10 incidents involving mailing or communication errors; and
• Eight were affected by an incident in which a contractor stole data.

OIG found that for half of the breaches, CMS did not notify affected beneficiaries within 60 days, as required by the federal breach notification rule (Goedert, Health Data Management, 10/11).

OIG in its report stated, "If CMS does not follow requirements for handling breaches, opportunities increase for medical identity theft and fraudulent billing of the Medicare program" (Daly, Modern Healthcare, 10/10).

Report Identifies Issues With CMS Database

OIG also found that contractors are not effectively using a CMS database that contains information on Medicare beneficiaries and providers who have been affected by identity theft. The database currently includes 284,000 Medicare beneficiary identification numbers and 5,000 Medicare provider numbers.

The report found that contractors often:

• Are unaware of the database's features;
• Do not use the database in a standard and efficient way;
• Do not take steps to stop payments for compromised numbers; and
• Report usability problems with the database.

Recommendations

To address the issues outlined in its report, OIG recommended that CMS:

• Meet breach notification deadlines;
• Improve the usability of the database on compromised Medicare numbers;
• Train contractors on how to effectively use the database; and
• Establish a process for re-issuing identification numbers to beneficiaries who are affected by medical identity theft (Health Data Management, 10/11).

• Print
• Email
• Share
  • Facebook
  • Twitter
  • Google+
  • LinkedIn
  • Digg

RELATED STORIES

09/20/2012

Ky. Health Agency Alerts 2,500 Individuals About Potential Data Breach

09/19/2012

Appeals Court Allows Data Breach Lawsuit To Proceed Against Insurer

09/18/2012

Mass. Eye, Ear Group To Pay $1.5M to HHS To Settle HIPAA Violations

09/11/2012

ONC Video Game Offers Training on Health Data Privacy and Security

MOST POPULAR ARTICLES

• 
• 
•