How common are HIPAA violations
It seems that HIPAA violations are becoming more and more prevalent.
HIPAA helper has common HIPAA privacy and security violations flagged so you can work to avoid them
There’s no doubt the HIPAA regulations are detailed and difficult to follow — or in some of my favorite, commonly used descriptors for healthcare law, arcane and byzantine.
Yes, HIPAA compliance is not much fun for the average bear, unless you’re a HIPAA compliance officer or HIPAA attorney or you love IT security and policies, procedures and forms. This may be why so many healthcare entities get into HIPAA trouble.
A short while ago, in a nearby galaxy…
A short while ago, in a galaxy close by, one of the nurses from Gee’s Clinic took a patient file from the office into her car to study it later that night.
She stopped at a local prayer meeting and asked to be shown the path to true responsibility.
The file was in her car, on the passenger side, and she neglected to lock the door.
That night, she was shown the path to true responsibility as a thief opened the car door and snatched the file. Some hours later, the patient’s name, address, diagnosis, and treatment plan appeared on a website.
The state inspector arrived soon after at the clinic, demanding to know whether the nurse had been fired.
Unfortunately, the clinic had bought a bunch of HIPAA forms from someone somewhere–plus they had an electronic medical record (EMR) system that was said to be “HIPAA compliant.” So there was no formal policy telling them what to do to an employee in case of a HIPAA breach for which the employee was responsible.
And, the nurse happened to be the CEO’s sister.
The Public Relations officer watched the state inspector rifle through the binder of purchased form HIPAA forms – some of the blanks had, mercifully, been filled in by ink the day after the incident. She hoped he would be soothed as she offered him a chamomile tea spiked with cinnamon and agave nectar.
Helping you uncover who is revealing what
When I was a kid, I thought Hamburger Helper had pretty good branding.
Of course, that was a long time before I read books like, The Face on Your Plate.ith your HIPAA compliance questions and needs
Well HIPAA Helper is a catchy name too. The site lets you “easily search whether your hospital, clinic, pharmacy or health insurer has been named in patient privacy complaints, breaches or violations.”
It also lists common or notable HIPAA violations. These include:
- Care staff mistakenly gave patient’s colonscopy photograph to the wrong patient.
- A nurse gave a patient the wrong placentia.
- A nurse “inadvertently notified” a minor patient’s father that his daughter was pregnant, before the daughter could share the news.
- A physician assistant took pictures of a trauma patient and posted them online.
- A hospital named the wrong patient as part of a “firearms prohibition” reporting system.
- A VA employee access the patient records of a patient he was “allegedly dating or wanting to date.”
- A housekeeper found papers containing patient names, SSNs, dates of birth, and medication lists in recycling bins in the parking lot.
- A nursing home worker shared photos or videos of patient residents on social medial.
HIPAA Helper compiles its list from government sources.
It makes for interesting reading for those wanting to avoid the more common HIPAA violations.
What happens at the hospital or clinic, stays at the hospital or clinic
It ain’t Vegas, but what goes on there, stays there.
Don’t take a patient file and leave it in the passenger seat of an unlocked car.
Don’t do any of the things listed in the above case studies — and if they’re done within your institution, by someone related to you, let your policies and procedures (which you’ve hopefully had drafted ahead of time, with plenty of care and legal input), guide your decision-making.
Don’t rely on chamomile and agave nectar to soothe the HIPAA compliance watchdogs.
Do get HIPAA legal counsel.
These days, HIPAA is getting more and more complicated, the data burgeoning as BYOD (bring-your-own-device) comes into play, in addition to desktops and laptops in the office.
As HIPAA lawyers, we not only counsel healthcare clients preventatively, we also address data breaches when they occur.
Contact us with your HIPAA compliance questions and needs.