Data Breach Reaction Done Right

in HIPAA Headlines by John Brewer Leave a comment

All too often the focus is on how somebody did something wrong with PHI. Really, though, there are so few examples of things done right…to point them out is a challenge. Well, never fear, we seem to have a good example here… That’s right, the Houston Methodist Hospital learned they had a breach, and they Read More

A Downfall of Giant PHI Databases

in HIPAA Headlines by John Brewer Leave a comment

As we are pushed to put all of our medical records in electronic form, we open ourselves up to new issues. This headline is what we can expect to see more of in the future: GE Healthcare Admits Sending NHS Patient Data To US NHS IT Provider says 600,000 patients have no need to worry Read More

Secure Email is Not

in HIPAA Headlines by John Brewer Leave a comment

I don’t do “told you so” moments. I do learn from incidents. Now, let’s learn: Indianapolis, Indiana:  St. Vincent Hospital, Nov. 12, 2010 approximately 1,800 patient’s PHI was revealed to third parties. Read the disclosure announcement here. What happened? The hospital apparently has a secure email system. On November 12, 2010 some “hospital employees unintentionally Read More

Army Soldier Data Stolen

in HIPAA Headlines by John Brewer Leave a comment

Arg! Nope, not speak like a pirate day. That is me censoring and keeping things clean here. Details: Government Contractor Laptop Stolen from office CD-ROM in laptop had data on 207,000 Reservists Questions: Why was data not encrypted? Why was data on a CD-ROM? What is going on here? PHI on a mobile device (laptop/external Read More

De-Identified Health Information

in HIPAA Headlines by John Brewer Leave a comment

What does it take for PHI to not be PHI? Glad you asked…though in reality for a practice, this will not come up much, it is good to have an idea of what make a patient’s information PHI and therefore covered under HIPAA. Key Points: De-identified health information, as described in the Privacy Rule, is Read More