Category: Uncategorized

If you haven’t taken my informal survey on the usefulness of HHS’s breach tool, please share your opinion here. And here’s another question about  HHS’s breach tool. See if you know the answer. [yop_poll id=”2″]

The Hillingdon Hospitals NHS Foundation Trust in Middlesex has signed an undertaking with the Information Commissioner’s Office following a data protection breach. According to the documentation, the ICO was provided with a report on July 5, 2012 which stated that the trust had been informed that a local newspaper was in possession of 4 two…

Ruth T. Griggs writes: The Health Insurance Portability and Accountability Act, better known as HIPAA, protects the privacy and security of patient health information. A common question from human resource managers has been what is the impact of HIPAA on an employer’s ability to collect employee health information for purposes of workers compensation, Family and…

The Cardiff & Vale University Health Board have signed an undertaking with the Information Commissioner’s Office (ICO) following the loss of documents containing sensitive personal data by a consultant.  The ICO was informed of the loss of the consulting psychiatrist’s bag on November 26, 2012. The bag, which was attached to a child seat on the…

Michael Kline writes: A party (Party) to a HIPAA Business Associate Agreement (BAA) or Subcontractor Agreement (SCA), whether a covered entity (CE), business associate (BA) or  subcontractor (SC), may struggle with the question as to whether to agree to, demand, request, submit to, negotiate or permit, an indemnification provision (Provision) respecting the counterparty (Counterparty) under…

I’ve occasionally (*cough*) expressed my frustration with HHS’s breach tool and the fact that breaches do not get added to the tool immediately, their fields are confusing and they don’t provide the narrative from the breached entity that might better describe or explain the breach, and you can’t get the breach reports until HHS has…