Compliance Corner

05/11/2012 HIPAA vs. Compassion

Does compassion play a role when complying with the HIPAA privacy and security rules? Can a patient’s information be used or disclosed in a way that would violate HIPAA if the intention was to help the patient access healthcare services? Please consider these questions as you read the following:

05/03/2012 Beware of Scams

Last month, Emory Healthcare in Atlanta, Georgia began notifying 315,000 patients that back-up discs containing their protected health information – including Social Security numbers – was lost. The discs contained data from an information system deactivated in 2007 on patients treated between September 1990 and April 2007.

04/20/2012 Explosive Utah Breach

We all know that the stronger our passwords, the harder it is for hackers to break them. If you have a password that is easy to guess, that does not contain a combination of letters, numbers and special characters, that contains a sequence of letters or numbers (e.g., 12345), change it now before you read any further!

04/13/2012 Blowing in the Wind

On February 3rd, St. Elizabeth’s Medical Center in Boston, Massachusetts, which is part of the Steward Health Care System, was notified by an individual who reported finding papers from the hospital blowing through a field near the Boston airport. The papers contained cashier’s receipts for credit card payments made by five patients at St. Elizabeth’s surgical day center and other outpatient services.

04/06/2012 California Data Loss

The California (CA) Department of Child Support Services (CSS) recently announced that four computer storage devices containing the personal information for about 800,000 adults and children in the CA child support system were lost during a disaster simulation last month.

03/30/2012 Secure Disposal vs. the Environment

On Tuesday, The Kansas City Star in Topeka, Kansas, reported that hundreds of patients’ medical records were found in a paper-recycling bin outside an elementary school in the Kansas City area. The records contained the names, birth dates, Social Security numbers and health histories for more than 1,000 patients.

03/23/2012 Preventing Data Breaches

In last week’s Compliance Corner, we discussed the settlement between the Department of Health and Human Services (HHS) and Blue Cross Blue Shield of Tennessee (BCBST) that resulted from potential HIPAA violations.

03/09/2012 Consumer Protection Week

This week marks the 14th annual National Consumer Protection Week in which various consumer protection and other governmental groups teach consumers about how to better secure and protect their financial information.

03/02/2012 California Glitch

The medical records of more than 21,000 hospital patients at two California hospitals may have been inadvertently made public online.

02/24/2012 A Simple Case of Curiosity?

A nurse was recently fired by Titus Regional Medical Center in Mount Pleasant, Texas for accessing information on patients that she was not authorized to view. The hospital decided to notify 108 patients in a letter which warned them of a slight risk of identity theft, although most of the records the nurse accessed did not contain Social Security numbers.