Suppr超能文献

HIPAA 综合规则在降低医疗数据泄露频率中的作用:来自实证研究的见解。

The Role of HIPAA Omnibus Rules in Reducing the Frequency of Medical Data Breaches: Insights From an Empirical Study.

机构信息

School of Business, University of Connecticut.

Center for Technology Innovation, Governance Studies, the Brookings Institution.

出版信息

Milbank Q. 2018 Mar;96(1):144-166. doi: 10.1111/1468-0009.12314.

DOI:10.1111/1468-0009.12314
PMID:29504206
原文链接:https://pmc.ncbi.nlm.nih.gov/articles/PMC5835681/
Abstract

UNLABELLED

Policy Points: Frequent data breaches in the US health care system undermine the privacy of millions of patients every year-a large number of which happen among business associates of the health care providers that continue to gain unprecedented access to patients' data as the US health care system becomes digitally integrated. Implementation of the HIPAA Omnibus Rules in 2013 has led to a significant decrease in the number of privacy breach incidents among business associates.

CONTEXT

Frequent data breaches in the US health care system undermine the privacy of millions of patients every year. A large number of such breaches happens among business associates of the health care providers that continue to gain unprecedented access to patients' data as the US health care system becomes digitally integrated. The Omnibus Rules of the Health Insurance Portability and Accountability Act (HIPAA), which were enacted in 2013, significantly increased the regulatory oversight and privacy protection requirements of business associates. The objective of this study is to empirically examine the effects of this shift in policy on the frequency of medical privacy breaches among business associates in the US health care system. The findings of this research shed light on how regulatory efforts can protect patients' privacy.

METHODS

Using publicly available data on breach incidents between October 2009 and August 2017 as reported by the Office for Civil Rights (OCR), we conducted an interrupted time-series analysis and a difference-in-differences analysis to examine the immediate and long-term effects of implementation of HIPAA omnibus rules on the frequency of medical privacy breaches.

FINDINGS

We show that implementation of the omnibus rules led to a significant reduction in the number of breaches among business associates and prevented 180 privacy breaches from happening, which could have affected nearly 18 million Americans.

CONCLUSIONS

Implementation of HIPAA omnibus rules may have been a successful federal policy in enhancing privacy protection efforts and reducing the number of breach incidents in the US health care system.

摘要

未标注

政策要点:美国医疗保健系统中频繁的数据泄露每年破坏数以百万计患者的隐私,其中很大一部分发生在医疗保健提供者的业务伙伴中,随着美国医疗保健系统数字化整合,这些业务伙伴继续获得对患者数据的前所未有的访问权限。2013 年实施的 HIPAA 综合规则导致业务伙伴之间的隐私泄露事件数量显著减少。

背景

美国医疗保健系统中频繁的数据泄露每年破坏数以百万计患者的隐私。其中很大一部分发生在医疗保健提供者的业务伙伴中,随着美国医疗保健系统数字化整合,这些业务伙伴继续获得对患者数据的前所未有的访问权限。2013 年颁布的《健康保险携带和责任法案》(HIPAA)综合规则大大增加了业务伙伴的监管监督和隐私保护要求。本研究的目的是实证检验这一政策转变对美国医疗保健系统中业务伙伴医疗隐私泄露频率的影响。这项研究的结果揭示了监管努力如何保护患者隐私。

方法

利用 OCR 报告的 2009 年 10 月至 2017 年 8 月期间的公开数据,我们进行了中断时间序列分析和差分分析,以检验 HIPAA 综合规则实施对业务伙伴医疗隐私泄露频率的即时和长期影响。

结果

我们表明,综合规则的实施导致业务伙伴的违规数量显著减少,并防止了 180 起隐私违规事件的发生,这可能影响了近 1800 万美国人。

结论

HIPAA 综合规则的实施可能是一项成功的联邦政策,增强了隐私保护工作,并减少了美国医疗保健系统中的违规事件数量。

相似文献

1
The Role of HIPAA Omnibus Rules in Reducing the Frequency of Medical Data Breaches: Insights From an Empirical Study.
Milbank Q. 2018 Mar;96(1):144-166. doi: 10.1111/1468-0009.12314.
2
New HIPAA rules: a guide for radiology providers.
Radiol Manage. 2013 Mar-Apr;35(2):34-9; quiz 40-1.
3
The law of unintended (financial) consequences: the expansion of HIPAA business associate liability.
J Health Care Finance. 2013 Summer;39(4):28-35.
4
Health Insurance Portability and Accountability Act (HIPAA) Compliance
5
What to do before the office for civil rights comes knocking: Part II. Coping with breaches, enforcement, and other fallout of HIPAA: the significance of harm.
J Med Pract Manage. 2012 Sep-Oct;28(2):87-90.
6
Update on HIPAA privacy: are you ready?
Genet Med. 2003 May-Jun;5(3):183-6. doi: 10.1097/01.GIM.0000068625.72823.86.
7
HIPAA update: changes to notice of privacy practices and new requirements for analyzing breaches.
J Med Assoc Ga. 2013;102(3):36, 38.
8
Review of HIPAA, Part 2: Limitations, Rights, Violations, and Role for the Imaging Technologist.
J Nucl Med Technol. 2020 Mar;48(1):17-23. doi: 10.2967/jnmt.119.227827. Epub 2019 Oct 11.
9
Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification rules under the Health Information Technology for Economic and Clinical Health Act and the Genetic Information Nondiscrimination Act; other modifications to the HIPAA rules.
Fed Regist. 2013 Jan 25;78(17):5565-702.
10
Roadmap to HIPAA: keeping occupational health nurses on track.
AAOHN J. 2004 Apr;52(4):169-77; quiz 178-9.

引用本文的文献

1
For-profit versus non-profit cybersecurity posture: breach types and locations in healthcare organisations.
Health Inf Manag. 2024 Sep;53(3):198-205. doi: 10.1177/18333583231158886. Epub 2023 Feb 24.
2
Getting Smarter about Smart Cities: Improving Data Security and Privacy through Compliance.
Sensors (Basel). 2022 Nov 30;22(23):9338. doi: 10.3390/s22239338.
3
Use of Patients' Protected Health Information to Solicit Hospital Funds: How did This Practice Come About?
J Patient Exp. 2022 Jun 7;9:23743735221106604. doi: 10.1177/23743735221106604. eCollection 2022.

本文引用的文献

1
Implementation Of Prescription Drug Monitoring Programs Associated With Reductions In Opioid-Related Death Rates.
Health Aff (Millwood). 2016 Jul 1;35(7):1324-32. doi: 10.1377/hlthaff.2015.1496. Epub 2016 Jun 22.
2
Drivers of information disclosure on health information exchange platforms: insights from an exploratory empirical study.
J Am Med Inform Assoc. 2015 Nov;22(6):1183-6. doi: 10.1093/jamia/ocv086. Epub 2015 Aug 14.
3
Federal parity law associated with increased probability of using out-of-network substance use disorder treatment services.
Health Aff (Millwood). 2015 Aug;34(8):1331-9. doi: 10.1377/hlthaff.2014.1384.
4
Eliminating Medicaid adult dental coverage in California led to increased dental emergency visits and associated costs.
Health Aff (Millwood). 2015 May;34(5):749-56. doi: 10.1377/hlthaff.2014.1358.
5
Changes in antidepressant use by young people and suicidal behavior after FDA warnings and media coverage: quasi-experimental study.
BMJ. 2014 Jun 18;348:g3596. doi: 10.1136/bmj.g3596.
6
Use of interrupted time series analysis in evaluating health care quality improvements.
Acad Pediatr. 2013 Nov-Dec;13(6 Suppl):S38-44. doi: 10.1016/j.acap.2013.08.002.
7
The HIPAA conundrum in the era of mobile health and communications.
JAMA. 2013 Sep 18;310(11):1121-2. doi: 10.1001/jama.2013.219869.
8
Putting health IT on the path to success.
JAMA. 2013 Mar 13;309(10):989-90. doi: 10.1001/jama.2013.1474.
9
Driving population health through accountable care organizations.
Health Aff (Millwood). 2011 Jan;30(1):41-50. doi: 10.1377/hlthaff.2010.0935.
10
The Hippocratic bargain and health information technology.
J Law Med Ethics. 2010 Spring;38(1):7-13. doi: 10.1111/j.1748-720X.2010.00460.x.

文献AI研究员

20分钟写一篇综述,助力文献阅读效率提升50倍。

立即体验

用中文搜PubMed

大模型驱动的PubMed中文搜索引擎

马上搜索

文档翻译

学术文献翻译模型,支持多种主流文档格式。

立即体验