Over on HIPAA Blog, attorney Jeff Drummond writes: More on the “harm” threshold (and its possible demise): During this past week, the AHLA “HIT list” listserv has buzzed with commentary on the “harm” threshold (in large part started by the NYT article mentioned here), whether it should even be in there (or is an unconstitutional…
Search Results for: patient
The Rite Aid Scandal: Health Records Still Treated as Commodities
Billy Wharton writes in CounterPunch: The mega drug store chain Rite Aid recently agreed to pay a $1 million fine to stave off a full investigation by the Federal Trade Commission (FTC) into practices that may have compromised customer records. The agreement was prompted by news reports that Rite Aid stores in several locations had…
With No Harm Threshold, Nearly All Breaches Substantiated in CA
Dom Nicastro provides some interesting data from California, where there is no “harm threshold” in mandated reporting requirements for breaches involving medical records: Since California’s new law went into effect last year, the state has received 3,766 breach reports. …. California’s investigations team has completed reviews of 1,953. It found that 98.7% of those breaches…
OR: Eastmoreland Surgical Clinic Burglarized
Excerpted from a press release from ID Experts: The Eastmoreland Surgical Clinic, Dr. William Graham’s office was burglarized on or about July 5, 2010. Three password-protected desktop computers, one password-protect laptop computer and a backup drive were stolen. The police were immediately notified and a police report was filed with the Portland Police Bureau. Notification…
Iowa hospitals crack down on employee snooping
Clark Kauffman of the Des Moines Register has a round-up of area hospitals that have fired employees for snooping in patient files: In each of the cases, the workers had unfettered access to portions of patients’ medical records. Some allegedly used that access to snoop through the patient files out of purely personal interest, while…
UK: Royal Wolverhampton breached Data Protection Act – ICO
To follow up on a breach mentioned previously on this site, the Information Commissioner’s Office has found that Royal Wolverhampton Hospitals NHS Trust breached the Data Protection Act (DPA) after the loss of 112 patient records from the Intensive Care Unit of New Cross Hospital’s Heart and Lung Unit. The unencrypted patient records were on…