Though it dominated media coverage, COVID-19 wasn't the only silent enemy healthcare organizations battled in 2020. Amid the chaos of the pandemic, hospitals and health systems were also ravaged by health data breaches, which were up 30% in 2020 compared to 2019. A new trend emerged of at least two data breaches per day.

It's no secret that Black representation in technology is severely lacking. Comprising 13 percent of the total U.S. population, Black Americans only represent 5 percent of employees in the technology field, according to data aggregated from 35 of the largest U.S.-based tech companies.

Our mission at Protenus is to advance the science of healthcare by bringing together creative and skilled individuals who are passionate about the security, usability, and applicability of health data. As this information becomes more voluminous, comprehensive, and, as a consequence, more vulnerable, we are building scalable, insightful solutions that address critical issues preventing the efficient, safe, and effective delivery of patient care. 

Covered Entities and Business Associates are well aware of the mandatory requirements of the HIPAA Security Rule and the HITECH Act, but until recently, there was limited specific guidance from HHS and OCR on how to comply with standards or what regulators viewed as appropriate compliance efforts. On January 5, 2021, HR 7898, commonly referred to as the HIPAA Safe Harbor Bill, was signed into law, amending the HITECH Act and providing some clarity for Covered Entities and Business Associates on industry best practices for security. The law requires HHS and OCR to provide certain incentives for best practice cybersecurity to meet HIPAA standards.

Health systems are beginning to realize the untapped potential of compliance analytics for efficiently auditing the roughly 60 million electronic health record queries occurring each month in an average-sized U.S. hospital. With an artificial intelligence-powered compliance analytics program, organizations can surface unusual access patterns that warrant human investigation, thereby fortifying patient data security and creating new workflow efficiencies.