The federal government levies hefty fines for breaches but doesn't have to follow its own rules.
Why does the cost of healthcare in the United States continue to escalate? One reason is the high cost of protecting against data breaches and insurance to mitigate the risk of potential fines.
Of course, it’s crucial that every healthcare provider, health plan, clearinghouse, and business associate take data security seriously. All stakeholders must do their part to prevent unlawful access—whether unintentional or intentional. But ever-increasing fines are driving up the costs of healthcare for all of us.
My company never stores unencrypted data, does not allow remote access to our computer systems and uses keystroke tracking software to monitor what our employees are doing. Despite these precautions that go well beyond what’s required for minimum protection, our cybersecurity insurance tops $17,000 a year.
Anthem made headlines in early 2015 when records for 74 million patients were breached by hackers. The health insurer made headlines again in June when it agreed to settle a class action lawsuit concerning the breach for $115 million. That’s on top of the $260 million it reportedly has spent to beef up cybersecurity in the wake of the breach. The company just reported yet another breach, this one affecting 18,000 Medicare enrollees, allegedly through the actions of a business associate.
Who’s ultimately going to pay these costs? You and me, of course, in the form of higher premiums.
Yet, while the federal government continues to dictate data protection policies, it does not have to abide by its own rules. Dictating compliance while not being subject to it yourself smacks of preferential treatment.
In the recent Senate debate over whether to repeal and replace Obamacare, many were up in arms over whether Congressional staffers would be exempt from the provisions (they weren’t). But it does appear that the playing field isn’t level between the federal government and industry on data breaches.
Rather than continuing to dictate terms and demand ever-higher fines for breaches, the feds could actually help the industry by offering resources to combat cyber theft, hacking and other data breaches. Offering carrots rather than sticks could help solve this common problem.
CMS Medicare Final Rule: Advancing Benefits, Competition, and Consumer Protection
May 7th 2024On this episode of Managed Care Cast, we're talking with Karen Iapoce, senior director of government products and programs at ZeOmega, about the recent CMS final rule on Medicare Part D and Medicare Advantage.
Listen
Tackling Health Inequality: The Power of Education and Experience
April 30th 2024To help celebrate and recognize National Minority Health Month, we are bringing you a special month-long podcast series with our Strategic Alliance Partner, UPMC Health Plan. Welcome to our final episode of this limited series and our conversation with Janine Jelks-Seale, MSPPM, director of health equity at UPMC Health Plan.
Listen
AUA Session Highlights the General Urologist’s Role in Gender-Affirming Care
May 7th 2024During her session, Polina Reyblat, MD, Kaiser Permanente Los Angeles Medical Center, highlighted best practices urologists should incorporate to make transgender and gender-diverse patients comfortable during physical exams and avoid retraumatization.
Read More