Joseph Lazzarotti of Jackson Lewis highlights an important note in recent OCR guidance: What is a covered entity’s obligation under the Breach Notification Rule if it transmits an individual’s PHI to a third party designated by the individual in an access request, and the entity discovers the information was breached in transit? If a covered…
Category: Health Data
Federal Times obtained and analyzed 26,381 security incidents reported by HHS components over a 30-month period
Kudos to Federal Times, who obtained a tremendous amount of data from HHS about security incidents involving their component systems. Aaron Boyd reports on their analysis of data, which was obtained through a Freedom of Information request. The analyses look at types of attacks by components of HHS. Here’s some of their analysis and findings: The records…
Giants player Jason Pierre-Paul should lose his case against ESPN and reporter Adam Schefter, but will he?
I’ve been hoping some lawyer(s) would discuss the lawsuit filed by Jason Pierre-Paul (“JPP”) against ESPN and Adam Schefter because frankly, although I wasn’t happy that Schefter posted a medical record – and Schefter later acknowledged there’s an issue of sensitivity here – I can’t see how any lawsuit against the journalist could prevail because…….
Radiology office mistakenly reveals 603 mammogram patients’ names
I’m not a fan of postcard appointment reminders for patients, as they expose the fact that the named individual is a patient of a particular doctor or practice – and sometimes, that, in and of itself, reveals more than I would want to see revealed. But under HIPAA, postcard reminders are not barred, and patients…
KS: Laptop with sensitive personal and medical info stolen from Valley Hope Association employee’s car
Valley Hope Association in Kansas provides alcohol, drug, and related treatment services and have done so since 1967, according to their site. Despite their extensive and long history of experience, patient information was not encrypted on a laptop that was stolen from an employee’s car in December. Why? Here’s their announcement of the incident, below….
UK: Alert auctioneer stops data of 7,000 patients in west Norfolk being sold to highest bidder after blunder at Queen Elizabeth Hospital
Thank goodness for alert auctioneers. Sophie Biddle reports: A health chief at the Queen Elizabeth Hospital, in King’s Lynn, has announced a full internal investigation is underway after a piece of medical equipment containing personal data slipped through the first stage of their disposal process. The potential for the information to be leaked was however…