Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Privacy in the spotlight 2010


Published on

Published in: Technology, News & Politics
  • Be the first to comment

  • Be the first to like this

Privacy in the spotlight 2010

  1. 1. OCR stepping up HIPAA privacy, security enforcement
  2. 2. Criminal Penalties • When an individual or covered entity knowingly violates HIPAA and discloses a patient's private health information, they can face up to $50,000 in fines and up to one year in prison. • When the offense is committed under false pretenses, the penalties are higher. Up to $100,000 in fines can be assessed, and violators can spend up to five years in prison.
  3. 3. Privacy violation: Patient records improperly disposed of •Rite Aid Agrees to Pay $1 Million to Settle HIPAA Privacy Case •CVS to pay $2.25 million to settle HIPAA violation
  4. 4. Where did the data end up: In a public dump What information was revealed: Names, addresses, dates of birth, Social Security numbers, insurance information (including policy numbers), patient identification numbers, as well as protected health information such as diagnoses relating to pathology tests
  5. 5. Privacy violation: Patient information faxed to a business
  6. 6. Where did the data end up: An auto shop What information was revealed: Six patients' names, dates of birth, and details about the visits What makes this case special: Unlike so many other examples, this breach of patient confidentiality was accidental. A test fax should have been sent first.
  7. 7. Privacy violation: The selling of patient information
  8. 8. Where did the data end up: A recycling center What information was revealed: Names of patients, as well as their addresses, phone numbers and medical record numbers all on printouts Who was responsible: Hospital janitor Robert Sanders What makes this case special: Sanders sold 30,000 patient record printouts for $40
  9. 9. Privacy violation: Patient information reproduced, posted publicly
  10. 10. Who was responsible: Five nurses What makes this case special: While no patient names, photographs or identifying information appear to have been used, according to the hospital, management insisted on pursuing termination hearings for the employees involved. Where did the data end up:
  11. 11. Privacy violation: Personal discussions involving patients
  12. 12. Where did the data end up: Facebook and in cell phone photos What went down: Pictures were taken of an X-ray Who was involved: Two nurses employed by Mercy Walworth Response: The nurses were fired.
  13. 13. Instead of treating a 60-year-old stabbing victim after his initial arrival at St. Mary Medical Center's ER, nurses and other staff took photos of the man and posted them on Facebook, the Los Angeles Times reports.
  14. 14. Oakwood Hospital Employee Fired for Facebook Posting” “Nurses' jobs at risk for allegedly posting patient info on Facebook” “Hospital worker fired over Facebook comments” “Single tweet by hospital employee to Mississippi governor violates HIPAA and gets her fired” “Nurses Fired Over Cell Phone Photos Of Patient”
  15. 15. Captured on Facebook, the food- fighting nurses at hospital where 1,200 died.