The association surveyed 1,117 hospitals and health systems, asking officials at the facilities about compliance with Health Insurance Portability and Accountability Act (HIPAA) rules. Although 91 percent said in 2005 that they were mostly compliant, that number dropped to 85 percent this year.
“A slight drop in the number of facilities reporting themselves to be fully or mostly compliant with HIPAA should serve as a warning to the industry that compliance should not be taken for granted,” AHIMA President Jill Callahan Dennis said in a written statement.
Clearly, as the article states, for most facilities the security rule is easier to implement, simply because so many of its initiatives don't rely on human interaction. And that security rule compliance has risen dramatically is probably the result of it being implemented by technical people, who are far less likely to see it as something that interferes with their primary function, unlike front-line caregivers who are interested in providing care and not so interested in extra rules that feel like they interfere with that.
Still, the fact that privacy rule compliance has fallen is not a good sign. Sooner or later, someone is going to get caught big-time, and it ain't gonna be pretty. Please do what you can to make sure it isn't you.