2018 was a year of large settlements and high-volume data breaches. According to OCR’s breach report portal, among the more than 250 reported data breaches under investigation, 14 incidents exposed the PHI of more than 100,000 individuals each.
Q: I am an acupuncturist and have a patient who owes me $100. I contacted the patient about the missing payment but received no response. Would it be a HIPAA violation to get in touch with the patient’s emergency contact person about the missing payment? Or should I go to a debt collector?
HHS Office for Civil Rights has issued a request for information seeking input from the public on how the HIPAA Privacy Rule could be modified to meet HHS’s goal of promoting coordinated, value-based care.
The opioid crisis in the U.S. continues to touch on issues of patient rights and privacy. In October, OCR launched an education campaign about civil rights protections that include specific guidelines for covered entities under HIPAA
Advanced Care Hospitalists PL in Lakeland, Florida, has agreed to pay $500,000 and undergo a corrective action plan in a settlement with the HHS Office for Civil Rights (OCR) for its alleged violations of HIPAA’s Privacy and Security Rules.
Q: My hospital's marketing team is becoming ambitious on social media lately. They like images, of course. What should we know about posting images of patients in social circles as it relates to HIPAA?
The Office for Civil Rights reached a $125,000 settlement with Allergy Associates of Hartford, P.C., in Hartford, Connecticut, after a HIPAA breach where a doctor disclosed a patient’s protected health information (PHI) to a local television reporter.
In this month's Product Watch, we look at a training service that uses modules focused on specific HIPAA requirements such as business associate management, staff involvement in conducting a risk analysis, and mobile device security.
