Review the enforcement actions on the OCR website and consider how your ASC can avoid the mistakes made by others.

Since ASCA’s last update in July 2018, healthcare organizations across the country posted 163 breaches of protected health information (PHI) affecting 500 or more individuals. For the first time in two years a single type of breach, hacking or information technology (IT) incident, accounted for a majority (53 percent) of all breaches reported by the Office of Civil Rights (OCR). Hacking and the next most common breach cause, unauthorized access (33 percent), accounted for 86 percent of all PHI breaches between July and December 2018.