In this month's HIPAA Q&A, we answer your questions about sending unencrypted emails to the right recipient, discussing patients with colleagues, scheduling appointments for spouses, and filing complaints against insurance companies.
Baylor Scott & White Medical Center-Frisco, in Frisco, Texas, announced a data breach earlier this month affecting 47,000 patients and guarantors. The breach occurred in September when the hospital found an issue with a third-party vendor’s credit card processing system.
Q: Sometimes the emergency department where I work gets so busy we have to evaluate patients before they can be placed in a room. I have seen nurses perform examinations on patients on stretchers in hallways where they can easily be overheard discussing medical histories and treatment options. Would this be considered a HIPAA violation?
2018 was a year of large settlements and high-volume data breaches. According to OCR’s breach report portal, among the more than 250 reported data breaches under investigation, 14 incidents exposed the PHI of more than 100,000 individuals each.
Q: I am an acupuncturist and have a patient who owes me $100. I contacted the patient about the missing payment but received no response. Would it be a HIPAA violation to get in touch with the patient’s emergency contact person about the missing payment? Or should I go to a debt collector?
