SAI Global Healthcare Compliance Survey Finds HIPAA Compliance is Top Priority for 2016

April 18, 2016

Increased Regulatory Audits driving focus

SAI Global, a leading provider of solutions that help organizations manage risk, protect reputation and optimize performance in an increasingly complex ethical and regulatory environment, today announced the findings of its 2016 Healthcare Compliance Benchmark Study. 

Healthcare compliance and risk professionals from across the United States, mostly from large (greater than 250 beds) hospitals or healthcare systems, participated in the research.  The study is in its seventh year, providing the industry with significant year-on-year comparative data.

According to the study, HIPAA (Health Insurance Portability and Accountability Act) compliance and cybersecurity are a priority concern among organizations, particularly in light of an increase in reported data breaches of protected health information.

The study revealed that 48% of respondents do not have a high level of confidence that their organization has all of the controls in place to prevent a data breach. More concerning, according to the report's authors, is the 52% who do have a high level of confidence, given all the complexities and continued failures occurring in the industry today.  

In 2015, there were 266 data breaches reported by healthcare organizations according to the Office of Civil Rights Breach Portal. The number of individuals affected exceeded 113 million - approximately 1/3rd of the US population.

The top five compliance program priorities for 2016 were reported to be:

  1. HIPAA Compliance / OCR (Office for Civil Rights) Audit Readiness
  2. Employee compliance training & education
  3. Documenting and investigating incidents (case management)
  4. Compliance self-assessments and/or demonstrating compliance effectiveness
  5. Compliance risk assessments

The study also found that increased regulatory and internal drivers for the industry continue to place pressure on limited compliance resources. This year's results point to some relief, with more departments increasing budgets this year (37%) than last (31%); with a reported investment focus on software and human resources to help ease the burden.

Leadership, however, was perceived to be a key barrier to the success of programs with 'tone from the top relative to compliance', 'lack of consistent management leadership' and 'leadership buy-in on the need for resources' being cited as 'biggest barriers to success right now' among participants.

The study also found that 'reputation and brand' are becoming stronger drivers of compliance programs - this year moving to become one of the top three drivers for the first time. The primary drivers were reported to be: Increasing focus and audits from CMS (Centers for Medicare & Medicaid Services) (63%); Increasing focus from the OCR/HIPAA Compliance (49%) and Protection of reputation and brand (49%).

The survey also asked participants about their priorities for software tools in certain areas: Enterprise Risk Management, Regulatory/ Obligations Management, Business Intelligence/Predictive Analytics, and Managing Conflicts of Interest.  

50% of respondents indicated that software to automate Enterprise Risk Management was a 'top' or 'high' priority for their organization. This was followed closely at 48% by Business Intelligence/Predictive Analytics tools.

The risk environment in Healthcare is increasingly challenging, not only in regulatory compliance but also in terms of brand reputation and financial risk.

It’s encouraging to see that Healthcare providers are looking to software automation for Enterprise Risk Management and Business Intelligence as a priority. This indicates a maturing approach to compliance into the wider operational and financial risk management framework.

Jan Kruger

Head of Risk, SAI Global

SAI Global, was recently recognized by independent analyst firm, Forrester Research Inc., as a Leader in The Forrester Wave™: Governance, Risk and Compliance Platforms, Q1 2016  report for its Compliance 360 Platform. The Report stated that “the product is a leading compliance solution among US Healthcare companies” and that SAI Global has an extremely diverse, extremely happy customer base. 

To download a copy of the SAI Global 2016 Healthcare Compliance Benchmark Study, visit: www.saiglobal.com/2016HealthcareBenchmark