Q: Many organizations have outsourced their PHI disposal for years. With coronavirus limiting the number of people coming in and out of medical facilities, what are your suggestions for organizations that now have to take care of PHI disposal themselves? What are the most important things to remember when handling this process?
Q: If researchers want to obtain PHI for a person who died of COVID-19, what is the protocol for releasing that information? What are the HIPAA protections?
Northern Light Health, a Maine-based healthcare system, suffered a data breach in May that affected 657,392 individuals, according to the Office for Civil Rights (OCR) breach portal.
Q: As sports leagues attempt to make their return, many are going to be using daily COVID-19 testing as part of their protocol. Obviously, the leagues need to quarantine any individual who tests positive for the virus. But why is the covered entity that is performing the testing allowed to disclose a patient’s test results to the leagues?
Walgreen Co., the second largest pharmacy chain in the United States, recently reported a breach that may have involved the protected health information (PHI) of more than 72,000 individuals, according to data in the Office for Civil Rights (OCR) breach portal.
The novel coronavirus (COVID-19) pandemic upended the U.S. healthcare system in innumerable ways. Experts believe the new post-COVID-19 normal will not be exactly the same as it was pre-pandemic. For one, telehealth is here to stay.
Q: I have read recently about the uptick in “vishing,” or voicemail messaging scams, targeting remote healthcare workers. What are your recommendations for protecting against this type of threat?
Lifespan Health System, a Rhode Island-based healthcare provider, agreed to pay $1.04 million to the Office for Civil Rights (OCR) and implement a corrective action plan to settle potential HIPAA violations, OCR announced on July 27.
An organization’s privacy and security policies are only as effective as its training. All the right work can be done at the top level, but if the messages are not clearly disseminated to staff, an organization can find itself in a difficult position.
