ARRA 2009: Privacy & Security Changes – Part II

This article takes a look at the American Recovery and Reinvestment Act (ARRA) of 2009, which created some significant changes to privacy and security regulations which were outlined in the Health Insurance Portability and Accountability Act (HIPAA) as well as the Health Information Technology for Economic and Clinical Health (HITECH) Act. The ARRA imposes substantial modifications in four main areas: 1) HIPAA statutory requirements; 2) Increased enforcement of HIPAA; 3) Provisions to address health information held by entities not covered by HIPAA; and 4) Other changes including administrative changes, studies, reports and educational initiatives. This article takes a look at the modifications the ARRA made to HIPAA [...]

Share
February 2nd, 2012 | Tags: , , , , , , , | Category: Privacy | Leave a comment

Data Breaches Cost US Hospitals $6 Billion Annually

The 2010 Benchmark Study on Patient Privacy and Data Security, conducted by the Ponemon Institute. The study revealed that data breaches were costing hospitals across the US up to $6 billion each year. Breaches of patient information are largely undetected by the organization, due to lack of priority, resources, preparation and staffing for privacy and security [...]

Share
March 15th, 2011 | Tags: , , , , , , | Category: Privacy | Leave a comment

HIPAA Enforcement: CVS Case Example

While understanding privacy law and how it should be implemented is important, it is equally important to know how such laws are enforced and investigated by the U.S. Government. The following case explains the corrective action the Office of Civil Rights under the Department of Health and Human Services was forced to take ensure compliance of a covered entity that had significantly and repeatedly violated the Privacy Rule of HIPAA.

Following reports of improper disposal of personal health information (PHI) the OCR launched an investigation into the information practices of CVS Entities in September 2007. Their review found the following:

Between [...]

Share
June 15th, 2010 | Tags: , , , , , , , , , , , | Category: CIPP, Compliance & Regulations | Leave a comment

HIPAA Enforcement Process

The Health Insurance Portability and Privacy Act was passed in 2003. Since then HIPAA has become one of the most consistently enforced privacy laws to date. Enforcement falls largely to the Department of Health and Human Service’s Office of Civil [...]

Share
May 25th, 2010 | Tags: , , , , , , , | Category: CIPP, Compliance & Regulations | Leave a comment