ePHI

Secure Email is Not

by HIPAA Admin on January 20, 2011

in HIPAA Headlines

I don’t do “told you so” moments. I do learn from incidents. Now, let’s learn: Indianapolis, Indiana:  St. Vincent Hospital, Nov. 12, 2010 approximately 1,800 patient’s PHI was revealed to third parties. Read the disclosure announcement here. What happened? The hospital apparently has a secure email system. On November 12, 2010 some “hospital employees unintentionally [...]

{ 0 comments }

Continue Reading

Army Soldier Data Stolen

by HIPAA Admin on May 14, 2010

in HIPAA Headlines

Arg! Nope, not speak like a pirate day. That is me censoring and keeping things clean here. Details: Government Contractor Laptop Stolen from office CD-ROM in laptop had data on 207,000 Reservists Questions: Why was data not encrypted? Why was data on a CD-ROM? What is going on here? PHI on a mobile device (laptop/external [...]

{ 0 comments }

Continue Reading

De-Identified Health Information

by HIPAA Admin on March 11, 2010

in HIPAA Headlines

What does it take for PHI to not be PHI? Glad you asked…though in reality for a practice, this will not come up much, it is good to have an idea of what make a patient’s information PHI and therefore covered under HIPAA. Key Points: De-identified health information, as described in the Privacy Rule, is [...]

{ 0 comments }

Continue Reading