Centegra Data Breach Exposes PHI of 3,000 Patients
A mailing error caused a recent Centegra data breach that exposed a limited amount of Protected Health Information of 2,929 of the Health System’s patients. Business Associate Responsible for Centegra Data Breach Centegra Health System operates three hospitals and a number of other healthcare facilities in McHenry County, Illinois. Recently it discovered that one of its third party vendors had made an error that accidentally exposed the PHI of some of its patients. The data breach was caused as a result of a simple error made by an employee of MedAssets. The company had been contracted to mail billing statements to patients. An error was made configuring the equipment used to prepare the mailing, which resulted in patients being sent two billing statements instead of one. One of the statements was correct and included patients’ personal data and charges, the other statement was for a different patient. Each envelope was filled automatically and was mailed. 2,929 letters were sent to patients by MedAssets between November 2 and Nov 6, 2015. Centegra was notified of the data breach...
HIPAA Violation Fine of $3.5 Million for Triple-S
Puerto Rico Blue Cross Blue Shield licensee Triple S Management Corporation has agreed to pay a HIPAA violation fine of $3.5 million to the Department of Health and Human Services’ Office for Civil Rights. This is the second HIPAA violation fine to be announced in the space of a week, with the latest financial penalty closely following the $850,000 settlement between OCR and Lahey Hospital and Medical Center. The latest fine highlights just how costly non-compliance can be. This does not need to be explained to Triple S Management Corporation. The company was already hit with a HIPAA violation fine of $6.8 million by the Puerto Rico Health Insurance Administration for a failure to comply with the Health Insurance Portability and Accountability Act’s Privacy Rule last year, although the HIPAA violation fine was reduced to $1.5 million on appeal. The PRHIA fine was issued following the mailing of a pamphlet that displayed the Medicare Health Insurance Claim Numbers of subscribers. The HIPAA violation fine corresponded to $500 for each of the 13,336 members of the insurer’s Medicare...
HIPAA Right to Privacy Being Waived for Pharmacy Discounts
The HIPAA right to privacy can be waived if patients agree to let healthcare providers, insurers, and other covered entities access and share their data. A number of insurers have trialed issuing subscribers with wearable devices that monitor health metrics. In exchange for agreeing to wear the devices that track heart rate, exercise levels, and other vital signs, subscribers are provided with discounts on their premiums. In such cases there is a benefit to both patient and provider. Insurance companies are able to gain a better understanding of the health of subscribers and they can adjust policies and charges accordingly. Subscribers get to monitor their health and wellness more closely and they get a financial reward. Some pharmacies have also started operating similar schemes. Instead of giving discounts on insurance premiums they give discounts on their products and prescriptions, if customers download a Smartphone app and agree to share their data. By offering discounts the pharmacies are able to secure more business. Just like reward cards, the scheme improves brand loyalty....
Major Mobile Health Application Growth Predicted
Mobile technology has potential to revolutionize the provision of healthcare. Mobile technology is already having a major impact on the industry. According to PwC, one of the few limiting factors is how the technology can be implemented to allow healthcare providers to obtain the full benefits of the technology. This does not appear to have hindered growth in the sector. PwC has predicted growth to increase six-fold over the course of the next two years. Growth in the sector will mostly come from the development of new mHealth applications and from monitoring services. A new report published by healthcare market research firm Kalorama Information suggests that the growth of mobile health applications will outstrip all other mobile application areas over the next four years. The Kalorama report highlights the substantial growth already seen in the mHealth market so far in 2015. Manufacturers of devices, software developers, and providers of wireless services are capitalizing on growing demand. By the end of the year, the industry is expected to have generated close to $34 billion....
Pathways Professional Counseling Reports Theft of Laptop Containing SSNs
A breach of social security numbers, health insurance information, medical data, and personally identifiable information has been announced by Pathways Professional Counseling after a laptop computer was stolen from the vehicle of an employee. The laptop computer was password protected, but was not encrypted. The device contained highly sensitive information that could potentially be used by criminals to commit identity theft and fraud. Other data stored on the laptop included patient names, dates of birth, addresses, email addresses, phone numbers, demographic data, clinical information, financial information, referring physician names, and medical diagnoses of patients. The theft occurred on September 24, 2015, and was discovered the following day. The incident was immediately reported to law enforcement and to Pathways Professional Counseling, and an investigation into the data breach was immediately launched. Pathways Professional Counseling was able to determine that the laptop had not been used to gain access the organization’s network. Network access was blocked by changing...



