HHS Wall of Shame – HIPAA

Bob Chaput

HIPAA-HITECH Data Security and Privacy Expert
HIPAA HITECH Compliance Advisors and Data Mountain


New HHS Wall of Shame

A friend recently told me that the Health and Human Services Data Breach Notification web site has moved and has been improved.  I’ve been so darn busy, I missed it and for some reason Kathleen Sebilius didn’t give me a ring to let me know — what’s up with that!?  In the past, I had dubbed it the ‘Wall of Shame”.

Here’s what’s new:

  1. The new HHS.gov location for breaches affective 500 or more individuals.
  2. The web site is dynamic. One can download the contents in CSV or XML format.  One can sort and filter on all the fields.
  3. The obscure protection that doctors once enjoyed by being listed as “Private Practice” is now gone — lots of doctors names now appear.

Take a gander!  As of this writing, 166 Covered Entities have breached the Protected Health Information (PHI) of ~4.9 million fellow Americans. According to wikipedia, based on 2000 census data, that’s the equivalent of breaching the PHI of the combined populations of Chicago and Houston!  Way to go CEs.  And, don’t forget the “fox in the hen house” phenom given the current “harm threshold” in the current interim rule.


About Bob Chaput
Bob Chaput, MA, CHP, CHSS, MCSE is president of HIPAA HITECH Compliance Advisors and Data Mountain LLC. He is also a contributing expert for HITECH Answers. He speaks and writes extensively on HIPAA and HITECH security matters and is a recognized HIPAA-HITECH data security and privacy expert. He can be contacted at: Bob.Chaput@H3CA.com
Want to learn more about the HIPAA Security Final Rule and implementing a HIPAA risk analysis strategy?  You can download his 32-page white paper – HIPAA Security Risk Analysis and Risk Management Methodology – when you sign up for HITECH Answers free monthly newsletter.