This blog recently discussed tips for a covered entity (CE) in dealing with a HIPAA business associate (BA). Now, even though you have adopted all of the tips and more, in this dangerous and ever more complex data security world, one of your BAs suffers a breach and it becomes your responsibility as the
breach notification
MINNESOTA BLUES GET HEALTH RECORDS SNOOPING BLUES
By William Maruca on
A registered nurse employed by Minnesota Blue Cross Blue Shield (BC/BS) with a history of drug offenses allegedly accessed a prescription drug database 249 times without a legitimate purpose, according to a report by Minneapolis CBS affiliate WCCO posted by reporter Esme Murphy.
The nurse, Jim Johnson, reportedly had been previously assigned by BC/BS under…
HIPAA Failure Results In Penalties: Lack of Compliance the Key
By William Maruca on
Posted in Articles, HIPAA Enforcement
Our partner Keith McMurdy posted this analysis of a recent HIPAA settlement involving a physician practice on our Employee Benefits Legal Blog:
HIPAA Failure Results In Penalties: Lack of Compliance the Key
By Keith R. McMurdy on January 1, 2014Posted in Plan Administration, Welfare Plans
Often, when I am discussing HIPAA privacy compliance,…
Known Unknowns and Data Losses
By William Maruca on
Posted in Security Breach Notification
A New England hospital has reported the disappearance of backup tapes containing ultrasound images and personal data of 14,000 patients. How do you handle a data loss when you don’t have any way of determining where the data went or who may have seen it? Is it still a “breach” in the technical sense?
These questions…
PHI: The University of Tennessee Medical Center Joins the Parade of Potential Security Breaches
By Michael Kline on
Posted in Security Breach Notification
The University of Tennessee Medical Center based in Knoxville has apparently recently joined in the march.…
Continue Reading