This study, co-sponsored by ID Experts, the leader in identity breach protection, exposes some significant concerns.  It concludes that healthcare business associates, those organizations that provide services such as billing, credit bureaus, benefits management, legal services, claims processing, insurance brokers, data processing firms, pharmacy chains, accounting firms, temporary office personnel, and offshore transcription, are “unprepared for data breach”.

Further it notes that  “68 Percent of Provider Respondents Indicated that the HITECH Act’s Expanded Breach Notification Requirements will Result in More Discovery and Reporting of Incidents”.

This implies that healthcare organization are experiencing data breach incidents that in the past have either gone unrecognized or unreported. And that the new law is likely to “expose” more incidents because of the compliance requirements and the potentially large penalties for non-compliance.It also notes that a lack of preparedness and concern on the part of healthcare providers’ business associates creates a very significant risk to the privacy of their patients.