HIPAA
HHS wants contractor to test privacy of ‘anonymous’ data
HHS intends to hire a contractor to demonstrate either the “ability or inability” to re-identify data from a data set that has been de-identified under the Health Information Portability and Accountability Act (HIPAA) Privacy Rule via HHS wants contractor to test privacy of ‘anonymous’ data — Federal Computer Week.
Good news for UMC: Privacy violations seldom punished – Sunday, Dec. 13, 2009 | 2 a.m. – Las Vegas Sun
The Health Insurance Portability and Accountability Act, known as HIPAA, took effect in April 2003, and through October, the Health and Human Services Department had fielded 47,632 allegations of patient privacy violations. Of those, 9,501 were found to be valid. And how many criminal prosecutions occurred? The department did not answer that question for the [...]
Two Data Security Breaches Give State Attorneys General a Chance to Exercise Their New HIPAA Powers
Connecticut Attorney General Richard Blumenthal (D) has emerged as possibly the first AG to take on a HIPAA investigation, and Arizona’s AG may also be pursuing a similar course. The larger of the two breaches that have come to the AGs’ attention was experienced by Health Net, Inc., which lost a portable external hard drive [...]
Sixteen fired at Ben Taub Hospital over alleged patient’s privacy violations – 11/25/09 – Houston News – abc13.com
Eyewitness News has learned that 16 employees of the Harris County Hospital District – most of whom worked at Ben Taub General Hospital – were fired last week for allegedly looking through patients confidential medical information. via Sixteen fired at Ben Taub Hospital over alleged patient’s privacy violations – 11/25/09 – Houston News – abc13.com.
AMR driver: Selling patient records big business
An ambulance driver, who wishes to remain anonymous, with AMR says the problem goes well beyond the doors of UMC. “I happen to know from personal experience that it's so much wider than that.” The driver says the buying and selling of patient records is big business. via AMR driver: Selling patient records big business.
Pharmacists and Consumer, Privacy Advocates Urge Feds to Investigate CVS Caremark for Alleged HIPAA Violations
The Health Insurance Portability and Accountability Act (HIPAA) allows CVS Caremark access to information on patients covered by its pharmacy benefit manager for administering claims and other limited purposes. Company letters collected by NCPA document CVS Caremark tapping into personal medical histories for marketing purposes, such as to urge patients to switch an existing prescription [...]
FBI looking at UMC records leak
The FBI said Friday it may investigate a breach of patient privacy laws at University Medical Center, where hospital officials are reeling with the realization that at least one of their employees has leaked confidential names, birth dates and Social Security numbers. via FBI looking at UMC records leak – Saturday, Nov. 21, 2009 | [...]
Health Information Technology (HIT) HIPPA Security Rule Self Assessment Toolkit – Federal Business Opportunities: Opportunities
The National Institute of Standards and Technology wants industry help to develop a Web-based tool that would let users determine if they met the security requirements of the Health Insurance Portability and Accountability Act (HIPAA) … The contractor shall gather requirements, design, develop, test, and integrate a software application for use as a web based [...]
UMC has patient privacy leak – has been selling patient data
Private information about accident victims treated at University Medical Center has apparently been leaking for months, the Sun has learned, allegedly so ambulance-chasing attorneys could mine for clients. Sources say someone at UMC is selling a compilation of the hospital’s daily registration forms for accident patients. This is confidential information — including names, birth dates, [...]
Health Insurer Loses 1.5 Million Patient Records | Threat Level | Wired.com
A health insurer lost 1.5 million patient records last May but waited six months to disclose the incident. The data, which was stored on a portable disk drive that disappeared from the insurer’s office, was unencrypted and included patient Social Security numbers, bank account numbers and health data, according to the Hartford Courant. The disk [...]
