HHS' OCR in February began using the new fine structure mandated by HITECH and handed one of the country's most prestigious hospitals, Massachusetts General Hospital (MGH) in Boston, a $1 million penalty for a breach violation.
Organizations need to determine whether they have fully implemented the Security Rule. The HIPAA Security Rule has been around for a while, but many organizations have not implemented all of its requirements.
Here's one trend industry observers say healthcare organizations can expect to see now and in the future: heightened patient awareness and concern about the security of their private medical data.
Q. I work in patient financial services at a hospital. Like me, several of my coworkers have aging parents. Sometimes at lunch, we discuss the medical problems of our parents, who are not patients at our hospital. My supervisor says these discussions of family members' medical problems violate HIPAA. Is this true?
