Faster Delivery of Lab Test Results Achieved by Pathology, Inc.
Privately owned pharmacies and laboratories are covered by HIPAA Rules, and they must therefore ensure that all Protected Health Information (PHI) stored and transmitted, is appropriately secured, with the security measures used dictated by the standards laid down in the HIPAA Security Rule. The privacy of patients must be assured at all times. Highly sensitive health information, such as medical test results, could cause patients to come to harm if accidentally disclosed to the wrong individuals. Efforts should therefore be made to ensure any transmission of data cannot be intercepted and read. To reduce the risk of HIPAA breaches, many laboratories stick to tried and tested delivery methods, and accept there will be a delay in data reaching physicians. Some companies have risen to the challenge, and now ensure faster delivery of lab test results by utilizing new technology. They have leveraged Smartphones to coordinate patient care more efficiently and ensure treatment to patients is provided more rapidly. This smart use of technology has allowed HIPAA-covered entities to improve...
You Ain’t Seen Nothing Yet – OCR Indicates Major Hike in HIPAA Audits
They were last seen in 2012, but the second round of HIPAA compliance audits have yet to commence, but they are apparently coming back this year with plans in place for them to be bigger and bolder than ever before. The Department of Health and Human Services’ Office for Civil Rights (OCR) indicated to Washington lawyer and HIPAA expert, Adam Greene – partner of Davis Wright Termaine – that compliance enforcement is set to significantly increase. OCR Has Already Increased Its Enforcement Actions In a presentation at HIMSS15 in Chicago on Tuesday, Greene pointed out that there had been an increase in enforcement actions involving financial penalties in recent years. Greene said there “was one or three fines levied in 2008-2011, five in 2012 and 2013 and seven last year in 2014”. The OCR has had to deal with more than 100,000 claims since it started enforcing HIPAA legislation and in the majority of cases these claims have been resolved without any investigation being necessary. In almost a quarter of cases (24%) the Covered Entity (CE) took voluntary corrective action...
Symantec Study Shows Data Breaches Increased 23% in 2014
It is April, which means the release of the Symantec Annual Internet Security Report. Each year the security software company releases a report compiled from the data that it collected during the course of the past year. The report provides an insight into the general state of cybersecurity. The figures show the number of security breaches rose 23% in 2014. The report covers all industries, including healthcare, with the bulk of data breach victims affected by retail industry security breaches. Hacking incidents caused data to be exposed on a monumental scale and while there were fewer “mega-breaches” in 2014 – 4 breaches of more than 10 million records compared to 8 the previous year – the report states that data breach incidents are still a major issue. Hackers were responsible for a large number of the additional 23% of security breaches. The report suggests that there were fewer cases of identity exposure in spite of the overall 23% rise. The report suggests ”this could indicate that many breaches— perhaps the majority—go unreported or undetected.” Some industries...
Class Action Lawsuit Filed Against Anthem with Evidence of Harm
Three insurance agencies have been accused of failing to secure HIPAA-covered data and have been cited in a class action claim as a result of the Anthem data breach in February. Now the lawsuit has allegedly attracted three new plaintiffs, each of who claim to have suffered identity theft as a result of the security breach. There have been a slew of lawsuits filed in recent months since the Connecticut Supreme Court ruling that individuals can sue for data breaches that exposed their PHI. However many of these class action claims against insurance companies and healthcare providers have been thrown out by judges as plaintiffs have been unable to substantiate the claims for damages with evidence of actual loss or harm suffered. The Missouri class action against the insurers was filed in February in St. Louis County by one female breach victim; shortly after the data breach was announced. Each of the three new plaintiffs that have been signed up for the suit alleges that they suffered actual losses as a result of the breach. In December and January each of the three plaintiffs had...
HIMSS 2015: HIPAA Security: A Decade of Breaches
Cybersecurity is a hot topic the Healthcare Information and Management Systems Society conference (HIMSS 2015) in Chicago this week. There are a number of scheduled presentations relating to data security and the Health Insurance Portability Act (HIPAA), which are aimed at compliance officers and IT professionals who are trying to navigate HIPAA regulations and get their organizations fully compliant. On Monday 13, Marion Jenkins, Ph.D., FHIMSS, Chief Strategy Officer at 3t Systems, took a session entitled HIPAA Security: A Decade of Breaches in which he explained the current landscape and how the HIPAA Security Rule has changed over the past 10 years as well as covered entities (CEs) attitudes to the legislation. In the presentations, Jenkins presented some examples of the real causes behind the data breaches and suggested a number of easy – and not-so-easy – remedies that healthcare providers and other CEs can implement to reduce the risk of them being affected. Jenkins pointed out that in the past 6 years, there have been 1,189 reported breaches of HIPAA-classified data –...



