Archive for HIPAA privacy
The wife of a murdered high school football coach urged Congress during testimony April 26 to update HIPAA to prevent further tragedies.
In June of 2009, a former player of coach Ed Thomas of the Aplington-Parkersburg High School football team in Parkersburg, Iowa, walked into a summer training session in the high school’s weight room and shot Thomas several times. The coach died later that day. The player was sentence to life in prison in 2010.
According to the testimony of Jan Thomas, the former player, Mark Becker, had been released from a hospital 24 hours earlier without anyone’s knowledge despite law enforcement authorities requesting the hospital alert them. Becker had rammed his car into the garage of an acquaintance, and tried to break his way into the house with a baseball bat, Thomas told Congress. When police arrived, he fled in his car leading law enforcement on a high speed chase. When the police apprehended him, he was then taken to an area hospital for psychological evaluation.
No one knew Becker was released, she said.
“Law enforcement was not notified, even though they had requested the hospital let them know when he was being dismissed,” Thomas said. “The hospital’s justification for not notifying law enforcement prior to his release was that HIPAA prevented this disclosure. Even his parents didn’t know until he called them later that evening. No one knew he had been released, but Mark’s privacy had been protected.”
Adults with severe mental illnesses are not always able to make good choices for themselves concerning their treatment or their actions, Thomas said, adding they may need help of a family member or other responsible parties to be
sure they receive required treatment.
“Due to HIPAA, even Mark’s parents were unable to get requested information or help make decisions for his treatment,” Thomas said. “I ask you. Is the privacy of one individual more sacred than a life? Is it more important than the welfare of the general public? Is it more important than allowing our law enforcement to know when a potentially violent offender is being released back into the very communities they risk their own lives to protect?”
Police wanted to find a missing 81-year-old man. But HIPAA wouldn’t let them.
Officials at Salem (Ore.) Hospital wouldn’t confirm the man was a patient when police came originally looking, according to a March 8 Statesman Journal.
“It’s a cumbersome law,” Salem police Lt. Steve Birr said. “When I managed the missing persons caseload, one of the difficult things is that we have people with mental illnesses, and they could end up in a mental health facility and you would never know it and they would never tell you.”
According to the March 8 Journal article, neighbors reported Thomas Dill missing to police after they noticed his absence from their apartment complex. Police weren’t concerned about Dill’s mental health, but they worried that the 81-year-old, who is diabetic, could have experienced a medical emergency that lead to his disappearance.
When police called area hospitals to see whether Dill was a patient, Salem Hospital said they couldn’t answer the question because it was PHI.
Police learned Dill was a patient at Salem Hospital two days later thanks to a tip from an anonymous caller.
He’s since been transferred to an adult care facility.
A Massachusetts city’s ambulance service announced March 14 a data beach incident affecting records of a number of ambulance patients.
Advanced Data Processing, Inc./Intermedix, which manages billing for the Gloucester (Mass.) Fire Department Ambulance Service, learned on October 1, 2012, that one of its employees improperly accessed and disclosed certain patient account information in connection with a scheme to file false federal tax returns. Accessed account information included name, date of birth, Social Security number and record identifier, but no medical information was accessed.
The employee was apprehended by authorities, immediately terminated and no longer has access to company systems. The company also thoroughly investigated the matter.
To help minimize the risk of future data breaches, the Company is making its employees aware of this incident and the consequences to the individual involved and reminding its employees of the importance of maintaining the security and confidentiality of individual records.
Chris Apgar, CISSP, and Jeff Drummond once again team to produce an HCPro, Inc. audio conference to help you understand the HIPAA Final Rule, describe the changes you need to know, and provide best practices to meet the new rule and stay in compliance.
Privacy and security updates, enforcement rule changes, impact to business associates and subcontractors, and changes to the breach notification rule must be addressed to keep your facility out of trouble.
A Johns Hopkins gynecologist who turned up dead Feb. 18 may have photographed and videotaped his patients without permission, according to a report in The Baltimore Sun.
Nikita A. Levy, 54, was let go by Johns Hopkins Medicine earlier this month after a colleague alerted security staff to the allegations, hospital officials said. They said Levy had been capturing images of patients with personal photo and video equipment, according to The Sun.
Levy worked at Hopkins’ East Baltimore Medical Center for more than two decades.
A hospital spokesperson said Levy’s alleged behavior violated Hopkins code of conduct and privacy policies and was “against everything for which Johns Hopkins Medicine stands.”
Police officials say the death is being investigated as a suicide. No gun or knife was used. His body was to be taken to the state Office of the Chief Medical Examiner for an autopsy.