Health Information Compliance Alert
KAISER PAYS THE PRICE FOR EXPOSING PATIENTS' PHI
PDF
Posting patients' PHI on an unencrypted Web site will not only ruin your reputation with current and potential patients - it could net you steep fines.
California's Department of Managed Health Care (DMHC) slapped Kaiser Foundation Health Plan with a $200,000 fine after completing its investigation into the plan's unauthorized disclosure of patients' PHI.
"Patients must be assured that health plans will, at all costs, do everything possible to protect confidential information," especially as the industry moves toward interoperable electronic medical records, Cindy Ehnes, director of the DMHC told the Sacramento Business Journal.
The agency took into account that Kaiser did not shut the Web site down immediately after its existence was brought to their attention. The health plan also did not inform state regulators of the site until much later.
"We're imposing this fine because we consider this act to be irresponsible and negligent at the expense of members' privacy and piece of mind," Ehnes said.
The Bottom Line: You must diligently protect your patients' health information, or be prepared to pay the price for any resulting damages.
Don't Let Hackers Find Your Flaws
Even password-protected Web portals can expose your patients' protected health information.
That's what Duke University Health System learned May 26 after it discovered that computer hackers tapped into the records of 10,000 employees and 4,500 conference attendees and others, the Durham Herald Sun reported.
The hackers did not access patients' medical or financial information, but in almost 9,000 cases, four or six digits of Web site users' Social Security numbers were exposed.
Duke alerted its Web site users through e-mails beginning May 27. The system does not believe the breach was extensive enough to lead to identity theft.
The Bottom Line: Your Web site's flaws could be a boon to data thieves.
Health IT Funding on The Way
You don't have to rely solely on your organization's security budget to fund your transition to EMRs.
The House of Representatives approved a more than $600 billion Labor, HHS and Education spending bill June 24 that carves out $75 million for contracts and grants to fund providers' attempts to build an interoperable health network.
The Bottom Line: You can expect more funding for your projects to become available in 2006.
Health Information Compliance Alert
- SECURITY:
HERE'S HOW TO GIVE 'ACCESS CREEP' THE OLE HEAVE-HO
Expert guidance to help you streamline your access procedures
Do you have a method to evaluate [...] - SAMPLE FORM:
PUT AN END TO 'CREEP' WITH THESE ACCESS CONTROL FORMS
Use these tools to manage access control and create a documentation trail
As your employees move [...] - CONFERENCES:
Conference Calendar Corner
Summer conferences and events offer you some relief from the hot sun. Here's what's slated [...] - PRIVACY:
DON'T RELY ON ALIASES TO PROTECT YOUR PATIENTS' PHI
You can protect your patients' information without changing their names - here's how
Picture it: Brad [...] - COMPLIANCE STRATEGIES:
6 TIPS TO STREAMLINE YOUR ACCOUNTING OF DISCLOSURES
Here's what you need to list in your accounting of disclosures
If you can't recognize an [...] - READER QUESTIONS:
BE WARY OF TEEN PREGNANCIES
Question: A 16-year-old patient presented with flu-like symptoms. After running tests, we discovered that she [...] - HEALTH INFORMATION NEWS:
KAISER PAYS THE PRICE FOR EXPOSING PATIENTS' PHI
Posting patients' PHI on an unencrypted Web site will not only ruin your reputation with [...]