Category Archives: Patient Privacy

HIPAA Violation Carries Jail Time

A former Florida nursing assistant pleaded guilty to wrongfully disclosing protected health information of residents in an assisted living facility. Denetria Barnes and Jakiel Bazart stole HIPAA protected records and sold the individual’s names, birth dates and social security numbers. An undercover sting with the cooperation of a number of law enforcement agencies caught the pair attempting to sell information for approximately 400 individuals for $15,000. A Florida district court judge has ordered restitution of $12,000, a sentence of 37 months in prison followed by 3 years of supervised release.

More information can be found at the US Department of Justice website http://www.justice.gov.

Cameras, Citations and Abuse Investigations – Caring for the Ages Article

Covert video monitoring of care in long-term care facilities is becoming more and more pervasive.  As a result, regulatory citations and investigations that are initiated by covert video monitoring are on the rise.

Janet Feldkamp discusses these issues in a recent article entitled “Cameras, Citations and Abuse Investigations” which appeared in the September 11, 2013 edition of Caring for the Ages.

You can find a copy of Janet’s article  here —>  Cameras, Citations and Abuse Investigations

HITECH Compliance Deadline for Protected Health Information is Almost Here

The Health Information Technology for Economic and Clinical Health (HITECH) Act’s compliance deadline for its HIPAA amendments is just around the corner. On September 23, 2013, the Department of Health and Human Services (HHS) will require covered entities, including most health care providers, and many of their business associates to meet the new Privacy Rule, Security Rule, and Breach Notification requirements for protected health information (PHI). In preparation, covered entities and business associates should have updated policies, procedures, and business associate agreements, as well as trained employees on the new rules. Business associate agreements created, modified, or renewed on or after January 25, 2013 must be compliant by September 23, while agreements existing before January 25 that have not been subsequently renewed or modified must be compliant by September 22, 2014.  Continue reading

HHS Settles Case Regarding HIPAA Risks of ePHI on Portable Devices

Earlier this week, HHS announced that it had reached a settlement agreement with the Massachusetts Eye and Ear Infirmary and Massachusetts Eye and Ear Associates, Inc. in the amount of $1.5 million, relating to a breach report submitted by MEEI. The report, as required by the HIPAA Breach Notification Rule, was made after the theft of an unencrypted personal laptop containing electronic protected health information (ePHI) of patients and research subjects. Continue reading