Patient Confidentiality Breaches

News & Analysis as of

News from the Health Law Gurus™

Patient Medical Records Stolen from New Jersey Storage Facility – Tribeca Medical Center is notifying patients that their protected health information may be compromised. According to a privacy notice posted on Tribeca...more

Employer Liability for Employees’ Privacy Violations: What your organization should learn from Walgreens’ expensive lesson (hint:...

You may already have read the scintillating facts surrounding a jury award of $1.44 million (recently challenged unsuccessfully on appeal) against Walgreen Co. (Walgreens) following its pharmacist’s alleged inappropriate...more

On The Eighth Day of Privacy, Health Care Systems (Over)Shared Data

When is “sharing” too much of a good thing? And will it get worse for health care systems in 2015? Data sharing has become a point of sharp focus in the efforts to improve the quality and efficiency of health...more

Let the Games Begin: First Sony Class Action Lawsuit Filed Over Data Breach

It’s happened. The first class action lawsuit has been filed against Sony for failing to prevent hackers from stealing its current and former employees’ social security numbers, medical records, and salary information....more

Latest HIPAA Settlement: Compliance is an Ongoing Process

The U.S. Department of Health and Human Services, Office for Civil Rights (OCR) issued its first settlement under new OCR Director Jocelyn Samuels earlier this month. This latest settlement serves as a reminder that a...more

Malware Incident at Mental Health Nonprofit Leads to $150K Settlement with OCR

As cyberattacks targeting the healthcare industry continue to escalate, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) has published its first-ever resolution agreement stemming from an...more

Failure to Follow HIPAA Policies Results in $150,000 Liability and Corrective Action Plan

The U.S. Department of Health and Human Services, Office for Civil Rights (HHS-OCR) has recently released information about another HIPAA settlement, emphasizing yet again the government's focus on the Health Insurance...more

HIPAA Settlement Underscores the Vulnerability of Unpatched and Unsupported Software

The title of this alert, which comes straight from the Department of Health and Human Services Office for Civil Rights' (OCR) announcement of its most recent settlement, again underscores the critical need for covered...more

Recent HHS Settlement Highlights Importance of Updating HIPAA Compliance Programs

On December 8, 2014, the U.S. Department of Health and Human Services' (HHS) Office for Civil Rights (OCR) announced a resolution agreement with Anchorage Community Mental Health Services, Inc. (ACMHS). The agreement, which...more

Anchorage Community Mental Health Services to Pay $125,000 in Newest HIPAA Settlement: Covered Entities and Business Associates...

Anchorage Community Mental Health Services, Inc. (“ACMHS”) will pay $125,000 to the United States Department of Health and Human Services, Office for Civil Rights (“OCR”) to settle alleged violations of the Health Insurance...more

Blog: Beth Israel To Pay $100,000 for Massachusetts Health Information Breach

Beth Israel Deaconess Medical Center (Beth Israel) reached a settlement with the Massachusetts Attorney General’s Office for a data breach in which a physically unsecured laptop was stolen containing personal and protected...more

Indiana Appeals Court Upholds Jury Verdict For Pharmacist’s Wrongful Use Of Patient Information

A recent decision by the Court of Appeals of Indiana reinforces the peril faced by health care employers when employees authorized to access confidential information do so for improper purposes. In Walgreen Co. v. Hinchy, the...more

Encryption and Securing BYO Devices at the Heart of Massachusetts AG $100,000 Settlement

The Massachusetts Attorney General announced Friday that her office had reached a settlement with Beth Israel Deaconess Medical Center (BIDMC) surrounding a 2012 data breach in which a physician’s unencrypted personal laptop...more

Connecticut Supreme Court Allows Plaintiffs to Circumvent HIPAA’s No Private Right of Action Clause

In an opinion released on November 11, the Connecticut Supreme Court ruled on whether the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its implementing regulations preempt a common law claim for...more

Connecticut Supreme Court Issues Decision That Could Expand State Law Liability in Data Breach Class Actions for Businesses...

Health care providers have not escaped the recent proliferation of data breach class actions, but plaintiffs generally have been unsuccessful in bringing claims based on the Health Insurance Portability and Accountability Act...more

Connecticut Supreme Court Ruling Allows Private Plaintiff to Assert Negligence Claims Based on HIPAA

Recently, the Connecticut Supreme Court ruled that a plaintiff may assert state law negligence claims against a healthcare clinic that allegedly released confidential patient health data based on the Health Insurance...more

A Recent State Supreme Court Ruling Opens the Door for Breach of Privacy Claims Against Health Care Providers

It has long been established that there was no private right of action with regard to HIPAA. All providers must be aware that state courts are beginning to turn the tide regarding such liability. On November 11, 2014, the...more

Health Law Wire: Expanding HIPAA Liability for Healthcare Providers (11/14)

The Health Insurance Portability and Accountability Act (HIPAA), while requiring protected health information be kept private, does not provide for a private right of action based on a HIPAA violation. Rather, an individual...more

HIPAA Isn’t the Only Standard for Confidentiality

Nobody knows better than hospitals how difficult, complicated and expensive it is to comply with the confidentiality requirements of HIPAA (for Health Insurance Portability & Accountability Act). And hospitals and their...more

California Appellate Court Limits Liability under California’s Medical Confidentiality Act for Disclosure of Medical Information

In what should be considered a win for the defense, the California Third Appellate Court recently overturned the lower court’s denial of a motion to dismiss a class action lawsuit seeking $4 billion in damages under...more

California Appellate Court Requires Actual Viewing of Confidential Information in Data Breach Case Under the California Medical...

In a case against Sutter Health involving records from a stolen office computer, the California Court of Appeal recently issued a decision limiting plaintiffs’ ability to state a claim and obtain statutory damages under the...more

Health Data Breach Victims Have Standing to Sue Says WV Supreme Court

The most common defense against class actions for data breach has itself been breached in a ruling last week by the West Virginia Supreme Court....more

News from the Health Law Gurus™ - May 2014

Massachusetts to Start from Scratch with Health Insurance Website — Massachusetts plans to abandon its health insurance exchange website in favor of starting over from scratch, according to a New York Times report....more

FTC Ordered to Testify Regarding Data Security Standards in LabMD Dispute

The Federal Trade Commission (FTC) has suffered a significant setback in its ongoing dispute with LabMD, a now-closed medical laboratory that the FTC charged with failing to adopt reasonable data security practices that...more

Two Health Care Organizations Pay Largest HIPAA Fine at $4.8 Million Resulting from Unsecured Shared Network

New York-Presbyterian Hospital and Columbia University entered into a settlement with the Department of Health and Human Services’ Office of Civil Rights (OCR) to resolve allegations that the organizations had violated the...more

40 Results
|
View per page
Page: of 2