Protenus, a Baltimore-based healthcare compliance analytics company, has released its annual Breach Barometer. It measured 758 health data breaches reported to the Department of Health and Human Services (HHS), the media, or some other source during 2020.
Q: Is it considered a HIPAA violation for facilities to keep patient charts outside of exam rooms or at a patient's bedside? Most providers prefer to have the charts handy to review just before seeing the patient. However, anyone could walk by the room and potentially get a glance at the information. Would this be considered an incidental disclosure?
Q: If an individual provides authorization for a disclosure, can the individual later revoke the authorization? Is the covered entity (CE) then required to “take back” or demand the erasure of any documentation by third parties that may have been made following the original authorization?
Cancer Treatment Centers of America and Midwestern Regional Medical Center (CTCA) based in Zion, Illinois, reported a breach last month potentially affecting 104,808 individuals, according to the Office for Civil Rights (OCR) breach report.
Cybercrime is up in the healthcare industry, and it’s a good idea to make sure you’re ready to respond to cyber incidents. The key to speedy mitigation is to have a security incident response plan, test the plan, and make sure it works as you exercise it. Having a plan is also a HIPAA Security Rule requirement.
