| HIPAAdvisory > HIPAAnews > Archives |  |
|
October 2006 News ArchivesOctober 27, 2006 Operator of 12 Hospitals Informs Patients of Data Breach The operator of 12 hospitals in Indiana and Illinois is notifying more than a quarter-million patients that CDs containing their Social Security numbers and other personal information were lost for three days over the summer, reports the Associated Press. The Sisters of St. Francis Health Services, which operates 10 hospitals in Indiana and two in Illinois, said in the warning letter that an employee of a medical billing contractor copied the data onto several CDs in July and placed them in a new computer bag to work from home. That employee later went back to the store to exchange the bag, but accidentally left the discs inside. The person who bought the bag three days later immediately returned the discs and officials were confident the data was not accessed. October 23, 2006 Governors Look for Best Practices A program within the National Governors Association has received a $1.99 million federal grant to help states develop consensus-based best practices for interoperable health information exchanges, reports Health Data Management. The center will form a State Alliance for e-Health, bringing together government agencies, consumers, information technology vendors and other stakeholders. The alliance expects to tackle state-level issues under the one-year contract including privacy and security, and governance and funding of health information exchange organizations. October 13, 2006 Latest HIPAA Survey Finds Security Rule Compliance Remains Low Most “covered entities” have complied to some extent with most of the HIPAA regulations, but Security Rule compliance remains low among healthcare providers, according to results of the latest US Healthcare Industry HIPAA Survey sponsored by Phoenix Health Systems and the Healthcare Information and Management Systems Society (HIMSS). Though the deadline for compliance with the HIPAA Security Rule passed over a year ago, 80% of payers and only 56% of providers who responded to the Summer 2006 Survey have implemented the Security standards. Of those claiming full compliance with the Security Rule, gaps remain; many “compliant” Providers and Payers could not confirm that they had implemented all key Security standards. The twice-yearly survey is in its seventh consecutive year of tracking and reporting on the status of HIPAA compliance within the healthcare industry. October 13, 2006 Doctors Slow to Adopt E-Records for Patients According to a study funded by the Robert Wood Johnson Foundation and released this week, about one in four doctors use some form of electronic health records and fewer than 1 in 10 use such records in the most effective way, reports the Washington Post. There are indications, though, that an increasing number of doctors are adopting electronic record systems every year, said David Blumenthal, an author of the study and the director of the Institute for Health Policy at Massachusetts General Hospital in Boston. But the concept is controversial among many privacy advocates, who fear that sensitive personal information could be accidentally compromised or exploited by hackers, companies or the government. October 10, 2006 Privacy Rule Lawsuit May Resurface Though the Supreme Court recently declined to hear a case that challenged the constitutionality of the HIPAA Privacy rule, the issue may not be closed, according to an attorney for those that filed the lawsuit against the Department of Health and Human Services (HHS), reports Health Data Management. After a federal district court judge in Philadelphia dismissed the lawsuit in 2004, plaintiffs appealed to the US Court of Appeals for the Third Circuit. That court refused to address the constitutional claims because it was not proven that a governmental entity had released identifiable patient information without patient consent, says attorney James Pyles. Now, plaintiffs are considering amending the present lawsuit or filing a new lawsuit against HHS. October 10, 2006 AHIC Workgroup Wrestles with Security Issues A federal advisory panel is leaning toward recommending a standard that would encourage doctors to verify patients face-to-face before allowing them access to secure messaging systems, reports Healthcare IT News. The Confidentiality, Privacy and Security Workgroup of the Department of Health and Human Services (HHS) American Health Information Community (AHIC) met last week to hammer out details on potential recommendations to HHS on identity-proofing techniques and authentication as it applies to secure messaging between providers and their patients. The workgroup would like to make some recommendations to HHS by December.
|
