Mar 31
The HIPAA Security Rule – Sorry, You’re Not Done Yet
Paul Litwak of the National Council for Community Behavioral Healthcare says:
By now, any sensible person has had enough of HIPAA. Even those who have been helped most by the HIPAA rules — lawyers and consultants — are getting sick of it. But, for better or for worse, it isn’t over yet. There is one more rule to go — the final Security Rule.
Legal Obligation Relating to Security
Both the HIPAA statute and the final Security Rule require covered entities to:
Ensure the confidentiality, integrity, and availability of all electronic protected health information the covered entity creates, receives, maintains, or transmits.
Protect against any reasonably anticipated threats or hazards to the security or integrity of such information.
Protect against any reasonably anticipated uses or disclosures of such information that are not permitted or required under the Privacy Rule.
Ensure compliance by its workforce.
Real Stories
Here are a few publicly reported events in which the security of health information was compromised and individual privacy rights were compromised. In each case, the organization that held or created the information meant to keep it confidential.
In February 2003, a jury awarded $2.3 million to three women whose mental health treatment records were not kept private by West Virginia University Medical Corp., also called University Health Associates. A records clerk had removed their records, taken them home and to local bars and discussed them with people. The clerk was clearly acting outside the scope of his employment and was fired. Nonetheless, the jury found that the hospital had breached its duty of confidentiality. The verdicts of $766,200 to one woman, $762,000 to another and $750,000 to the third did not include punitive damages.
For eight days, beginning on October 29, 2001, detailed psychological records of at least 62 children and teenagers were accidentally posted on the University of Montana Web site.
Eli Lilly & Co., maker of the antidepressant Prozac, inadvertently divulged the names and e-mail addresses of 600 psychiatric patients in a mass e-mail. The company was investigated by the Federal Trade Commission, and reached a settlement in which it agreed to bolster the security of its Internet site.
A Nevada woman bought a used computer, and discovered the prescription records of thousands of people on the machine’s hard drive. The previous owner was a pharmacy.