Patient Confidentiality Breaches

News & Analysis as of

Protections Governing Theft and Publication of Medical Records

As instances of medical data breaches increase, U.S. courts are interpreting the scope of liability stemming from them. In California, the court in Sutter Health et al. v. The Superior Court of Sacramento County (Atkins) held...more

IT Maintenance Crucial for HIPAA Compliance

The Department of Health and Human Services' (HHS) Office for Civil Rights (OCR) recently announced an agreement with a medical center to settle charges stemming from the center’s failure to prevent malware from infecting its...more

Actual Compliance with HIPAA is a Must

The U.S. Department of Health and Human Services, Office for Civil Rights (HHS-OCR), has recently entered into another HIPAA settlement, emphasizing yet again the government’s focus on the HIPAA Security Rule. The settlement...more

Recent Changes to California Medical Information Privacy Laws Create More Flexibility and Give Rise to Increased Enforcement

Under California Health & Safety Code (HSC) sections 1280.15(a) and (b), California licensed clinics, hospitals, home health agencies and hospices are required to prevent “unlawful or unauthorized access to, and use or...more

2014 – The Health Law Year in Review

Each year brings significant changes and challenges in the laws governing the health care industry, and 2014 proved to be no exception. What the year may have lacked in the high drama that accompanies comprehensive health...more

Happy New Year! 2015 Brings More Reasonable Breach Notification Reporting Periods for CA Health Care Providers

In 2008 California put into effect breach reporting laws applicable to certain licensed health care providers Healthcare Entities that are more stringent than HIPAA - so stringent that Healthcare Entities have been required...more

Data Breach Plaintiff Given Second Chance to Certify Class Action Suit

Recently, the Pennsylvania Superior Court ruled in favor of data breach plaintiff Avrum Baum, giving him a second chance to certify a class action suit against Keystone Mercy Health Plan. Baum brought suit against the...more

What Preemption? Connecticut State Court Gives Life to Negligence Claims Based on HIPAA Privacy Standard of Care

Like many federal statutes, the Health Insurance Portability and Accountability Act of 1996 (HIPAA) contains a provision governing how the statute is designed to interact with similar or otherwise related state laws. When...more

Hospital Fires Back: Accuses Whistleblowers of Violating Patient Confidentiality

Hospitals have long seethed over employees who exploit their inside information to become whistleblowers. There’s generally not much they can do besides seethe unless the employee has some special duty of confidentiality...more

News from the Health Law Gurus™

Patient Medical Records Stolen from New Jersey Storage Facility – Tribeca Medical Center is notifying patients that their protected health information may be compromised. According to a privacy notice posted on Tribeca...more

Employer Liability for Employees’ Privacy Violations: What your organization should learn from Walgreens’ expensive lesson (hint:...

You may already have read the scintillating facts surrounding a jury award of $1.44 million (recently challenged unsuccessfully on appeal) against Walgreen Co. (Walgreens) following its pharmacist’s alleged inappropriate...more

On The Eighth Day of Privacy, Health Care Systems (Over)Shared Data

When is “sharing” too much of a good thing? And will it get worse for health care systems in 2015? Data sharing has become a point of sharp focus in the efforts to improve the quality and efficiency of health...more

Let the Games Begin: First Sony Class Action Lawsuit Filed Over Data Breach

It’s happened. The first class action lawsuit has been filed against Sony for failing to prevent hackers from stealing its current and former employees’ social security numbers, medical records, and salary information....more

Latest HIPAA Settlement: Compliance is an Ongoing Process

The U.S. Department of Health and Human Services, Office for Civil Rights (OCR) issued its first settlement under new OCR Director Jocelyn Samuels earlier this month. This latest settlement serves as a reminder that a...more

Malware Incident at Mental Health Nonprofit Leads to $150K Settlement with OCR

As cyberattacks targeting the healthcare industry continue to escalate, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) has published its first-ever resolution agreement stemming from an...more

Failure to Follow HIPAA Policies Results in $150,000 Liability and Corrective Action Plan

The U.S. Department of Health and Human Services, Office for Civil Rights (HHS-OCR) has recently released information about another HIPAA settlement, emphasizing yet again the government's focus on the Health Insurance...more

HIPAA Settlement Underscores the Vulnerability of Unpatched and Unsupported Software

The title of this alert, which comes straight from the Department of Health and Human Services Office for Civil Rights' (OCR) announcement of its most recent settlement, again underscores the critical need for covered...more

Recent HHS Settlement Highlights Importance of Updating HIPAA Compliance Programs

On December 8, 2014, the U.S. Department of Health and Human Services' (HHS) Office for Civil Rights (OCR) announced a resolution agreement with Anchorage Community Mental Health Services, Inc. (ACMHS). The agreement, which...more

Anchorage Community Mental Health Services to Pay $125,000 in Newest HIPAA Settlement: Covered Entities and Business Associates...

Anchorage Community Mental Health Services, Inc. (“ACMHS”) will pay $125,000 to the United States Department of Health and Human Services, Office for Civil Rights (“OCR”) to settle alleged violations of the Health Insurance...more

Blog: Beth Israel To Pay $100,000 for Massachusetts Health Information Breach

Beth Israel Deaconess Medical Center (Beth Israel) reached a settlement with the Massachusetts Attorney General’s Office for a data breach in which a physically unsecured laptop was stolen containing personal and protected...more

Indiana Appeals Court Upholds Jury Verdict For Pharmacist’s Wrongful Use Of Patient Information

A recent decision by the Court of Appeals of Indiana reinforces the peril faced by health care employers when employees authorized to access confidential information do so for improper purposes. In Walgreen Co. v. Hinchy, the...more

Encryption and Securing BYO Devices at the Heart of Massachusetts AG $100,000 Settlement

The Massachusetts Attorney General announced Friday that her office had reached a settlement with Beth Israel Deaconess Medical Center (BIDMC) surrounding a 2012 data breach in which a physician’s unencrypted personal laptop...more

Connecticut Supreme Court Allows Plaintiffs to Circumvent HIPAA’s No Private Right of Action Clause

In an opinion released on November 11, the Connecticut Supreme Court ruled on whether the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its implementing regulations preempt a common law claim for...more

Connecticut Supreme Court Issues Decision That Could Expand State Law Liability in Data Breach Class Actions for Businesses...

Health care providers have not escaped the recent proliferation of data breach class actions, but plaintiffs generally have been unsuccessful in bringing claims based on the Health Insurance Portability and Accountability Act...more

Connecticut Supreme Court Ruling Allows Private Plaintiff to Assert Negligence Claims Based on HIPAA

Recently, the Connecticut Supreme Court ruled that a plaintiff may assert state law negligence claims against a healthcare clinic that allegedly released confidential patient health data based on the Health Insurance...more

49 Results
|
View per page
Page: of 2