Health Information Compliance Alert
Industry Notes
PDF
E-Mail Causes Hospice HIPAA Violation
Make sure your staff are thoroughly trained — and retrained — about HIPAA-compliant e-mail procedures. One Texas hospice is learning that lesson the hard way. Hope Hospice in New Braunfels notified 818 patients when it discovered in a routine security check that an employee had e-mailed a report containing PHI to himself using “an unsecured channel,” the hospice says in a notice on its website.
“The information included in the report was limited to 818 patient names, referral source, referral and admission date, name of insurance company, chart number, county and date of discharge,” the hospice says about the December e-mail. “The information did not include other sensitive personal identification such as social security numbers, dates of birth or addresses.”
Bottom line: “The information was secured February 28, 2013, and the Agency does not believe the type of information included presents a risk of financial harm,” the hospice says.
In response to the incident, Hope has given staff additional training, is reviewing its policies and procedures for improvement, and is tightening up security, it says.
Don’t Forget Paper Records In HIPAA Security
A North Carolina hospice is notifying patients of a possible HIPAA breach, and for once stolen laptops aren’t to blame.
Due to a Feb. 24 break-in at its office in Burlington, N.C., Hospice & Palliative Care Center of Alamance-Caswell did suffer stolen laptops. However, the data on the laptops was all encrypted for security, reports The Times News newspaper. Instead, the hospice had to notify about 5,370 past hospice and LifePath Home Health patients that personal health information in paper medical and billing records could have been compromised by two intruders.
The two 19-year-olds charged with the crime allegedly cost the hospice more by discharging fire extinguishers inside the building than the thefts, the newspaper says. Even though the thieves didn’t appear to be after PHI, “you can’t be too careful,” a hospice rep told The Times News.
The hospice is offering free credit monitoring for a year and is recommending those notified about the potential breach place a fraud alert with credit bureaus.
Health Information Compliance Alert
- HIPAA Compliance:
Heed 5 Expert Tips To Survive A HIPAA Audit
Use the HIPAA audit protocol to your advantage. Many other industries may not be hiring [...] - Prepare Yourself:
What Auditors Will Look For
Focus your efforts on these hot areas. Although the HIPAA audit protocols are an invaluable [...] - PQRS Strategies:
Get on Top of Your Quality Reporting to Sidestep 2015 Penalties
Watch out: The 2014 quality reporting period will determine the VBM adjustment for 2016 payments. [...] - Review These Group Practice Reporting Options
If you’re reporting your quality data using the group designation, get familiar with options outlined [...] - HIPAA:
Third-Party Billers: Screen for Compliance
Investigate thoroughly before turning over claims processing to a third-party biller. Hiring a third party [...] - Industry Notes
E-Mail Causes Hospice HIPAA Violation Make sure your staff are thoroughly trained — and retrained [...] - Reader Question:
Let Medical Necessity Rule Code Choice
Question: Our physician is a very thorough documenter and treats very sick patients. Because he [...]