Primary Health Care in Des Moines, Iowa, recently announced an email breach of its system one year after discovery. This exceeds the timeframe outlined in the HIPAA Breach Notification Rule, which states that organizations are required to report a breach within 60 days of discovery.
Q. I’ve been taught to tell our patients, “We look forward to seeing you on x day at x time with x doctor.” This has always been left on cell phone voice mails or home phones. Is this a HIPAA-compliant practice?
When it comes to patients’ PHI, every little detail matters. Whether it’s the alignment of a preprinted mailer or installing antivirus software on your system, these details can make the difference in your health system’s security. Below are four recent security incidents that run the gamut in terms of technology involved, but all of which made the OCR breach report.
A former employee of the Transformations Autism Treatment Center in Bartlett, Tennessee, was sentenced to a 30-month imprisonment with a three year supervised release on March 2 for hacking 300 patient files, states a press release from the Department of Justice. The employee will also be facing a monetary fine of $14,941.36 in restitution, as decided by U.S. District Judge John T. Fowlkes, Jr.
Q. I recently tried to access my medical records through the hospital’s patient portal. I had a hard time logging in because it prompted me to enter codes sent to my phone several times. It was difficult to keep track of which code was the most recent. I feel like this was an unreasonable barrier. Usually, you’re given the choice to opt out of multifactor authentication or only have to enter one code along with your password. Do multiple authentication codes represent a significant barrier to patient access?
Organizations are generally keeping up due diligence when it comes to HIPAA compliance training and essential auditing, despite an increasingly challenging array of threats directed at them. However, confusion still holds sway on risk analysis and more robust audit functions.
