I must thank Justice Scalia for injecting this delightfully descriptive term into the realm of health care. Justice Scalia’s scathing dissent from the majority in the recent Supreme Court decision interpreting the Patient Protection and Affordable Care Act is rife with memorable expressions, but this is my favorite.
The Merriam Webster definition of jiggery-pokery is:
dishonest or suspicious activity: underhanded manipulation or dealings; trickery.”
It’s not a term I’ve ever used before, but this old-fashioned, Dickensian-sounding term somehow practically begs for use in the context of a very modern and increasingly common context: the HIPAA hacking incident. A recent article in Becker’s Hospital Review lists the “50 biggest data breaches in healthcare” and the most common breach causes are far-and-away hacking and theft. Notably, hacking incidents result in the highest number of affected individuals. Here is the break-down:
* 18 hacking incidents (approximately 94 million affected individuals)
* 18 thefts (approximately 14 million affected individuals)
* 9 unauthorized accesses
* 3 missing equipment (1 storage disk, 1 hard drives, and 1 computer server)
* 1 improper disposal
* 1 “other”
In short, it seems that jiggery-pokery is involved far more often than mere carelessness when it comes to HIPAA breaches. Covered entities and business associates should be alert to dishonest or suspicious activity generally, including from within, but should be especially alert when that activity involves the systems or equipment on which protected health information is created, received, maintained, or transmitted.