A new report finds that the number of large-scale health data breaches increased last year, while the number of patients affected by them decreased. The report from California-based IT security audit provider Redspin Inc., titled “Breach Report 2012, Protected Health Information,” looked at 538 breach incidents since August 2009, when the interim breach notification rule under the HITECH Act went into effect;
By Lawrence G | February 18, 2013 | Healthcare IT, Healthcare Laws and Regulations |
A February 7th letter signed by the chairwoman and the president/CEO of HIMSS expresses “strong support” for adopting ICD-10 by October 1, 2014. The letter from Willa Fields (Chair, HIMSS Board of Directors) and H. Stephen Lieber (President/CEO, HIMSS), submitted to Health and Human Services Secretary Kathleen Sebellius and CMS Acting Administrator Marilyn Tavenner,
By Lawrence G | February 12, 2013 | Healthcare IT, Healthcare Laws and Regulations |
Utah’s Department of Health has reported its second data breach within the past year. This incident involved the personal information of approximately 6,000 Medicaid patients.
On January 10th, an employee of third-party contractor Goold Health Systems (which processes Medicaid pharmacy transactions for the state agency) saved Protected Health Information (PHI) onto a portable USB flash drive which was not encrypted.
By Lawrence G | January 28, 2013 | Healthcare Laws and Regulations, Medical Billing Software |
The Centers for Medicare and Medicaid Services (CMS) paid $1.2 billion in Electronic Health Records systems incentive payments in December 2012. A health insurance specialist at CMS’ office of eHealth Standards and Services characterized the figure to the Health Information Technology Policy Committee by stating, “This is our single largest monthly payment by a factor of three.”
By Lawrence G | January 10, 2013 | Electronic Medical Records News, Healthcare Laws and Regulations |
The HHS’ Office for Civil Rights announced last week the settlement of potential HIPAA violations stemming from a data breach affecting less than 500 individuals. The Office for Civil Rights noted that this is the first settlement for a breach of this smaller size, though there have been over 60,000 such breaches in less than three years (compared with 525 larger breaches involving 500 or more people).
By Lawrence G | January 7, 2013 | Healthcare Laws and Regulations |
The Department of Health and Human Services has extended the deadline for states to submit detailed applications for their own Health Information Exchanges. HHS Secretary Kathleen Sebelius sent letters to all state governors last week advising them of the new December 14, 2012 deadline.
The Affordable Care Act mandates that the states must have HIEs (essentially online marketplaces for health insurance shopping) in place by January 2014.
By Lawrence G | November 13, 2012 | Healthcare IT, Healthcare Laws and Regulations |
The multi-agency Medicare Fraud Strike Force charged 91 people for allegedly participating in schemes amounting to almost $430 million in Medicare fraud. The second such major raid by the government in the past few months netted doctors, nurses, and other licensed medical professionals, some of whom were arrested while others surrendered themselves.
Federal,
By Lawrence G | October 5, 2012 | Electronic Medical Records News, Healthcare Laws and Regulations, Medical Billing Software |
The Department of Health and Human Services (HHS) has announced it will collect $1.5 million from the Massachusetts Eye and Ear Infirmary to settle HIPAA violation allegations. The HHS’ Office of Civil Rights started an investigation into the MEEI and its affiliated physician group Massachusetts Eye and Ear Associates in February 2010, after an unencrypted laptop computer was reported stolen.
By Lawrence G | September 20, 2012 | Healthcare IT, Healthcare Laws and Regulations |
The Department of Health and Human Services and the Department of Veteran Affairs announced a demonstration of the standards for securely and responsibly sharing protected health information (PHI). Using standards defined in the Data Segmentation for Privacy Initiative, the HHS’ Substance Abuse and Mental Health Services Administration and the VA were able to transmit treatment records for a fake test patient from one Electronic Health Records system to a different one,
By Lawrence G | September 18, 2012 | Electronic Medical Records News, Healthcare Laws and Regulations |
The University of Miami Hospital (UMH) has disclosed that two employees were accessing patients’ personal information inappropriately and may have sold it to a third party. According to officials at the hospital, the two employees, who were terminated immediately upon discovery of their activities, were taking data from “face sheets” used during patient registration.
By Lawrence G | September 13, 2012 | Healthcare Laws and Regulations, Medical Billing Software |
