HIPAA 16
Case Study: Privacy & Security Violations
Lahey Hospital and Medical Center in Burlington, Massachusetts, agreed to pay an $850,000 settlement to OCR for potential HIPAA violations resulting from the theft of an unencrypted laptop August 11, 2011. The laptop was used to operate a portable CT scanner and produced images for viewing through the hospital’s radiology information system and picture archiving […]
Oops! Incidental Disclosure
By Lorraine Mazurek Q: I recently had a visit to a local pregnancy medical center. Unbelievably, I was in a room that had walls so thin that I could hear complete details of all the histories and conversations done with patients in the other room. As being in health care myself, I was embarrassed and […]
Electronic Protected Health Information
We can learn a lot about protecting electronic PHI from this article on an investigation of St. Elizabeth’s Medical Center in Boston. Included are annotations by Lorraine Mazurek. Some of her key takeaways include: Make sure you are performing your annual risk assessments and putting a corrective action plan in place. Do not use a […]
Faxing PHI- Q&A with Lorraine Mazurek
Q: I understand that the HITECH Act final rule requires medical practices to provide patients with an electronic option for receiving their requested PHI. Patients often request that we fax their requested records. However, it is difficult to verify that the recipient’s fax machine is secure, especially if it is not in the patient’s home. We […]
Search The Site
Browse Topics
- Accreditation Standards
- Best Practices
- Board of Directors
- Branding
- Brilliant Governance
- Client Marketing
- Client Services
- Donor Relations
- Finance
- Free Tools and Documents
- Fundraising
- HIPAA
- Human Resources
- IT Security
- Leadership Development
- Medical Insights
- Medical Services
- Not A Fake Clinic
- Op-Ed
- Organizational Development
- Podcasts
- Public Relations
- Risk Management
- Team Building
- Volunteers