HIPAA Violation and Prevention
Many healthcare professionals and organizations have not been following the regulations set forth by HIPAA. Whenever violations of HIPAA’s privacy or security laws occur, the organizations responsible must be held accountable, resulting in a fine or penalty. Penalties provide an incentive for organizations to guarantee patient privacy and security. Recently, certain people have failed to follow through with the laws and restrictions and were forced to accept the penalty. This paper will provide three real examples of such HIPAA violations as well as solutions or ways each violation could have been prevented.
In 2010, the Hospice of North Idaho, located in Hayden, Idaho, had a security breach compromising 441 patients’ health information. In the breach, an unencrypted laptop containing patients’ information was stolen. After an investigation, the Office for Civil Rights learned that the hospice did not have the adequate policies required by HIPAA law concerning technical safeguards in the Security Rule. The law stated that some form of encryption must be utilized in case any information is acquired by anyone other than the intended recipient, but the hospice did not have any, compromising private patient information. As a penalty for the 2010 incident, in January 2013, the Hospice of North Idaho agreed to a $50,000 settlement. The hospice has also made significant improvements in its safeguards since the theft.
Initially, the hospice did have some policies in place to protect against violations, but they were not sufficient. These included certain administrative and physical safeguards limiting patient information to only those who need it. However, the hospice failed to anticipate the possibility of theft and didn’t have any technical safeguards. Encryption should have been implemented because it would have made any lost information unusable, unreadable, and undecipherable. The physical safeguards weren’t adequate



