With newfound authority, some state attorneys general (AG) are beginning to take aim at covered entities (CE) that run afoul of HIPAA's Privacy and Security Rules.
Q. I work in patient financial services at a hospital. Like me, several of my coworkers have aging parents. Sometimes at lunch, we discuss the medical problems of our parents, who are not patients at our hospital. My supervisor says these discussions of family members' medical problems violate HIPAA. Is this true?
The challenge of complying with HIPAA privacy and security requirements is significant for physicians, particularly those in small practices, says Robert Rowley, MD, whose Hayward, CA, office has functioned without paper records since 2002.
