With newfound authority, some state attorneys general (AG) are beginning to take aim at covered entities (CE) that run afoul of HIPAA's Privacy and Security Rules.
Q. I work in patient financial services at a hospital. Like me, several of my coworkers have aging parents. Sometimes at lunch, we discuss the medical problems of our parents, who are not patients at our hospital. My supervisor says these discussions of family members' medical problems violate HIPAA. Is this true?
The challenge of complying with HIPAA privacy and security requirements is significant for physicians, particularly those in small practices, says Robert Rowley, MD, whose Hayward, CA, office has functioned without paper records since 2002.
Q. May a preadmission nurse leave messages (e.g., “This is a reminder that your surgery is tomorrow; please don’t drink or eat anything after midnight.”) on an answering machine or mobile phone voice mail?
