We are going to see over the next few years that, any time PHI is made available to someone other than the patient, it will be considered a breach.
A perfect example if given to us by the BCBS of Florida as they accidentally sent some 3,500 monthly explanation of benefits statements out. The problem is, these statement were sent to the wrong addresses.
That doesn’t feel high-tech, but really, breaches don’t need to be high-tech gaffes, but a proverbial spilling of the PHI beans.
The real point here is, everyone needs to understand how this game works, and how easy it is to really screw up when it comes to PHI.