Hospitals and provider networks account for the highest number of breaches on the OCR list of entities reporting breaches of unsecured PHI affecting 500 or more individuals, a new report indicates.
Q. We received a request under the California Public Records Act from the local newspaper for copies of incident reports of injuries to staff by psychiatric patients. County counsel stated that only patient information that is specifically made confidential by law can be redacted.
Your incident response plan should be in strict compliance with HITECH requirements, says Kate Borten, CISSP, CISM, president of The Marblehead Group in Marblehead, MA.
