Category Archives: HIPAA

Good news for UMC: Privacy violations seldom punished – Sunday, Dec. 13, 2009 | 2 a.m. – Las Vegas Sun

Posted by on December 15, 2009 No comments

The Health Insurance Portability and Accountability Act, known as HIPAA, took effect in April 2003, and through October, the Health and Human Services Department had fielded 47,632 allegations of patient privacy violations. Of those, 9,501 were found to be valid.

And how many criminal prosecutions occurred? The department did not answer that question for the Sun, but some experts put the number as low as five. Others say it is fewer than 20. Most were connected to another crime, usually identity theft — such as the case of a Washington man who worked at a cancer-treatment center. He pleaded guilty in 2004 to stealing patient information to obtain credit cards.

via Good news for UMC: Privacy violations seldom punished – Sunday, Dec. 13, 2009 | 2 a.m. – Las Vegas Sun.

Two Data Security Breaches Give State Attorneys General a Chance to Exercise Their New HIPAA Powers

Posted by on December 8, 2009 No comments

Connecticut Attorney General Richard Blumenthal (D) has emerged as possibly the first AG to take on a HIPAA investigation, and Arizona’s AG may also be pursuing a similar course. The larger of the two breaches that have come to the AGs’ attention was experienced by Health Net, Inc., which lost a portable external hard drive containing seven years of data for 446,000 Connecticut residents. The lost data came from 1.5 million individuals in total, who also hailed from New Jersey and New York.

via Two Data Security Breaches Give State Attorneys General a Chance to Exercise Their New HIPAA Powers.

Sixteen fired at Ben Taub Hospital over alleged patient’s privacy violations – 11/25/09 – Houston News – abc13.com

Posted by on November 25, 2009 No comments

Eyewitness News has learned that 16 employees of the Harris County Hospital District – most of whom worked at Ben Taub General Hospital – were fired last week for allegedly looking through patients confidential medical information.

via Sixteen fired at Ben Taub Hospital over alleged patient’s privacy violations – 11/25/09 – Houston News – abc13.com.

AMR driver: Selling patient records big business

Posted by on November 24, 2009 No comments

An ambulance driver, who wishes to remain anonymous, with AMR says the problem goes well beyond the doors of UMC.

“I happen to know from personal experience that it's so much wider than that.”

The driver says the buying and selling of patient records is big business.

via AMR driver: Selling patient records big business.

Pharmacists and Consumer, Privacy Advocates Urge Feds to Investigate CVS Caremark for Alleged HIPAA Violations

Posted by on November 23, 2009 No comments

The Health Insurance Portability and Accountability Act (HIPAA) allows CVS Caremark access to information on patients covered by its pharmacy benefit manager for administering claims and other limited purposes. Company letters collected by NCPA document CVS Caremark tapping into personal medical histories for marketing purposes, such as to urge patients to switch an existing prescription from their independent community pharmacy to a CVS retail or Caremark mail order pharmacy. A redacted example letter can be found here

via Pharmacists and Consumer, Privacy Advocates Urge Feds to Investigate CVS Caremark for Alleged HIPAA Violations.

FBI looking at UMC records leak

Posted by on November 22, 2009 No comments

The FBI said Friday it may investigate a breach of patient privacy laws at University Medical Center, where hospital officials are reeling with the realization that at least one of their employees has leaked confidential names, birth dates and Social Security numbers.

via FBI looking at UMC records leak – Saturday, Nov. 21, 2009 | 2 a.m. – Las Vegas Sun.

Health Information Technology (HIT) HIPPA Security Rule Self Assessment Toolkit – Federal Business Opportunities: Opportunities

Posted by on November 22, 2009 No comments

The National Institute of Standards and Technology wants industry help to develop a Web-based tool that would let users determine if they met the security requirements of the Health Insurance Portability and Accountability Act (HIPAA)

… The contractor shall gather requirements, design, develop, test, and integrate a software application for use as a web based application and for download for CSD customers to conduct a self assessment of their work environment against the security requirements of the HIPAA Security Rule.

via RECOVERY – Health Information Technology (HIT) HIPPA Security Rule Self Assessment Toolkit – Federal Business Opportunities: Opportunities.

UMC has patient privacy leak – has been selling patient data

Posted by on November 20, 2009 No comments

Private information about accident victims treated at University Medical Center has apparently been leaking for months, the Sun has learned, allegedly so ambulance-chasing attorneys could mine for clients.

Sources say someone at UMC is selling a compilation of the hospital’s daily registration forms for accident patients. This is confidential information — including names, birth dates, Social Security numbers and injuries — that could also be used for identity theft.

via UMC has patient privacy leak – Friday, Nov. 20, 2009 | 2 a.m. – Las Vegas Sun.

Health Insurer Loses 1.5 Million Patient Records | Threat Level | Wired.com

Posted by on November 20, 2009 No comments

A health insurer lost 1.5 million patient records last May but waited six months to disclose the incident.

The data, which was stored on a portable disk drive that disappeared from the insurer’s office, was unencrypted and included patient Social Security numbers, bank account numbers and health data, according to the Hartford Courant. The disk also contained personal information on at least 5,000 physicians.

via Health Insurer Loses 1.5 Million Patient Records | Threat Level | Wired.com.

Survey: Many Business Associates Unprepared To Secure Health Data – iHealthBeat

Posted by on November 20, 2009 No comments

Many companies that do business with health care providers are unprepared to comply with the strengthened health data protection rules included in the federal economic stimulus package, according to a new HIMSS Analytics survey, Healthcare IT News reports (Monegain, Healthcare IT News, 11/17).

via Survey: Many Business Associates Unprepared To Secure Health Data – iHealthBeat.