$4 Million for Privacy Offense?

Is your practice properly protecting the privacy of your patients?  Even if you think you are, you might not be given the complexities of HIPAA, its related regulations, and state laws.

Stanford recently settled a case involving state privacy laws related to a 2010 incident when Stanford notified nearly 20,000 of its patients that their protected health information had been wrongfully posted to a student website. The information, which included medical diagnoses and patient names, stayed posted on the public website for almost one year.

“One of those patients, Shana Springer, filed a $20 million class action lawsuit against Stanford and its partly-responsible business associate Multi-Specialty Collection Services back in September 2011 for violating California’s Confidentiality of Medical Information Act.” Article.

Since 2010, Stanford has reported five (5) large HIPAA breaches, compromising the protected health information of more than 92,000 patients.  “Four of the breaches involved the theft of unencrypted company laptops.”

If a breach (or several breaches) can occur at an entity like Stanford, be assured that a breach can happen at your practice.

Health care providers need to be proactive in:

1.  Encrypting all PHI–especially PHI on devices that connect to the internet and leave the office; and

2.  Working with health care counsel to review existing policies and procedures to ensure that the practice is properly safeguarding protected health information.

Failure to properly protect protected health information could be disastrous to your practice.

If your organization needs assistance with protecting its data – we can help.  For assistance CLICK HERE.

Get “News You Can Use” delivered directly to your e-mail inbox. Click here to Subscribe.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.