[Med-privacy] survey results

[Peter Marshall]

HIPAA Privacy

- Only 78% of Providers and 90% of Payers indicated that they are 
compliant with the Privacy Rule, almost two years after the deadline 
(April 2003). Sixteen percent (16%) of Providers and 8% of Payers 
reported that they remain non-compliant. This reflects little or no 
improvement since our Summer 2004 Survey.

- Even among "compliant" organizations, gaps remain in certain areas, 
such as establishing Business Associate Agreements and monitoring 
internal Privacy compliance.

- Seventy-three percent (73%) of Providers and 56% of Payers reported 
their organizations had experienced one or more privacy breaches over 
the past six months.

- Twenty-seven percent (27%) of Providers and 31% of Payers have had at 
least one formal complaint of privacy violation filed against them, 
either with the Federal government or in a civil proceeding, since the 
Privacy compliance deadline.

[HIPAAlert]