HIPAA 16

 

Case Study: Privacy & Security Violations

Lahey Hospital and Medical Center in Burlington, Massachusetts, agreed to pay an $850,000 settlement to OCR for potential HIPAA violations resulting from the theft of an unencrypted laptop August 11, 2011. The laptop was used to operate a portable CT scanner and produced images for viewing through the hospital’s radiology information system and picture archiving […]

2 years ago More
 

Oops! Incidental Disclosure

By Lorraine Mazurek Q: I recently had a visit to a local pregnancy medical center. Unbelievably, I was in a room that had walls so thin that I could hear complete details of all the histories and conversations done with patients in the other room. As being in health care myself, I was embarrassed and […]

3 years ago More
 

Electronic Protected Health Information

We can learn a lot about protecting electronic PHI from this article on an investigation of St. Elizabeth’s Medical Center in Boston. Included are annotations by Lorraine Mazurek. Some of her key takeaways include: Make sure you are performing your annual risk assessments and putting a corrective action plan in place. Do not use a […]

Link3 years ago More
 

Faxing PHI- Q&A with Lorraine Mazurek

Q: I understand that the HITECH Act final rule requires medical practices to provide patients with an electronic option for receiving their requested PHI. Patients often request that we fax their requested records. However, it is difficult to verify that the recipient’s fax machine is secure, especially if it is not in the patient’s home. We […]

3 years ago More