In this month's HIPAA Q&A, we answer your questions about sending unencrypted emails to the right recipient, discussing patients with colleagues, scheduling appointments for spouses, and filing complaints against insurance companies.
Pagosa Springs Medical Center (PSMC) in Pagosa Springs, Colorado, has agreed to pay $111,400 to the Office for Civil Rights (OCR) and to adopt a substantial corrective action plan in a settlement over alleged HIPAA violations.
Baylor Scott & White Medical Center-Frisco, in Frisco, Texas, announced a data breach earlier this month affecting 47,000 patients and guarantors. The breach occurred in September when the hospital found an issue with a third-party vendor’s credit card processing system.
Q: Sometimes the emergency department where I work gets so busy we have to evaluate patients before they can be placed in a room. I have seen nurses perform examinations on patients on stretchers in hallways where they can easily be overheard discussing medical histories and treatment options. Would this be considered a HIPAA violation?
Despite facing potential lawsuits and political opposition, CMS finalized some of its most controversial proposals in the 2019 OPPS final rule by implementing several site-neutral payment policies and 340B drug payment reductions.
2018 was a year of large settlements and high-volume data breaches. According to OCR’s breach report portal, among the more than 250 reported data breaches under investigation, 14 incidents exposed the PHI of more than 100,000 individuals each.
Q: I am an acupuncturist and have a patient who owes me $100. I contacted the patient about the missing payment but received no response. Would it be a HIPAA violation to get in touch with the patient’s emergency contact person about the missing payment? Or should I go to a debt collector?
HHS Office for Civil Rights has issued a request for information seeking input from the public on how the HIPAA Privacy Rule could be modified to meet HHS’s goal of promoting coordinated, value-based care.
