Are You Ready for the 2024 Program and Focus Audit?

Take the Assessment now
Healthcare Data Security: Alarming Statistics and Essential Insights Healthcare Data Security: Alarming Statistics and Essential Insights

    Name *

    Email *



    Download Files


    • The State Regulatory Guidance (All Plan letters) responsibilities include, but are not limited to:
      1. DHCS All Plan Letter (APL) and Policy Letter (PL) Applicable Notices
      2. DHCS All Plan Letter (APL) and Policy Letter (PL) - Non-Applicable Notices
      3. Submits proof of APL and PL compliance documents to DHCS
    • The Organization Risk Assessment responsibilities include, but are not limited to:
      1. Review of new potential risks with assigned accountable business owners
      2. Provide final data set to senior executive team for implementation of agreed upon interventions
    • The Regulatory Audit Process responsibilities include, but are not limited to:
      1. Creation of audit folders
      2. Tracking of documents/universe and requests received from the auditor and distributed to the business owners
      3. Audit Readiness Questionnaires
    • The Regulatory Routine Reporting responsibilities include, but are not limited to:
      1. Maintaining calendar for all regulatory compliance
      2. Tracking timeliness of business owner’s submissions and attestation


    Continuous monitoring allows a health plan to quickly and easily keep its finger on the pulse of the delegates’ performance to identify potential risks or issues before they become major problems. This will help ensure compliance with needed regulations through the health plan’s ability to:

    • Expedite feedback processes to mitigate operational and enterprise risks
    • Utilize streamlined reporting processes to automate reviews and highlight elements that are approaching identified tolerances
    • Track findings, recommendations and corrective action plans, as well as trends over time, to quickly compare delegates and prepare for renegotiation when the time comes

    Audit and CAP

    Auditing delegated entities is essential for maintaining good governance, managing risk and ensuring compliance within an organization. Health plans can now efficiently oversee audits and perform file reviews of their delegated entities and vendors and maintain a system-wide overview of all compliance activities:

    • Deliver real-time audit results
    • Lower audit backlog, efforts and timelines
    • Help health plans with pre- and post-delegation audits of all areas of delegation
    • Create and manage Corrective Action Plans (CAP) for all audits that produce findings

    Pre-delegation audit

    The pre-delegation audit process involves a comprehensive review of the proposed delegates’ policies, procedures, and systems, as well as an assessment of their compliance with relevant technical and operational standards. The audit may also include a review of their financial stability and management structure. Our module helps guide the process through:

    • Facility Site Review audits
    • Medical Record Review audits
    • Credentialing Audits Pre- and Annual re-certification
    • Utilization Management audits including Quality Management (QM) audits
    • Special Needs Plan (SNP) audits

    Delegation repository

    Centralized database of your various delegate or vendor information, allowing health plans to easily track and manage relationships with its FDRs.

  • Demographic information
  • Contact information
  • Responsibilities or functions assigned
  • Audit activities and past performance
  • The Essentials for Healthcare Data Security

    In 2022, more than 43 million records were compromised due to hacking or an IT incident. The major portion of these breaches happened at network servers and through emails. The numbers are even greater when you factor in business associates and healthcare providers, who handle most of the healthcare data. Settlements and penalties accounted for $2,127,140 in 2022, alone.

    According to, 707 breaches were reported in 2022, resulting in compromise of a staggering 51,000,000 healthcare records. In 2021, there were 715 breaches and 54 million healthcare records compromised. These are scary numbers to look at.
    Of the 707 breaches reported in 2022:

    • 555 breaches are the result of hacking or an IT incident
    • 113 are the result of unauthorized access or disclosure
    • 35 are the result of loss or theft
    • 4 are the result of improper disposal

    Whether trying to enhance data protection and security practices, reduce risks, achieve regulatory compliance,or maintain the confidentiality and integrity of sensitive healthcare information, this eBook offers actionable insights, best practices, and real-world examples to help healthcare organizations navigate the complex landscape of data security in the healthcare industry.

    Request Data Security eBook