Scanning the Headlines: HIPAA 2010-2011 (Archive)


Updated on October 23, 2012

Click here for HIPAA latest bibliography

Links to full-text articles are provided where available.
For information on obtaining print copies of articles, please call the
AHA Resource Center at (312) 422-2050.


Rhoads, J.  HIPAA update: bracing for HIPAA changes while satisfying the meaningful use requirement.  FacilityCare;16(8):12-13, Nov.-Dec. 2011.  http://www.mydigitalpublication.com/publication/?i=93342

Leppert, M.  CMS delays HIPAA 5010 enforcement.  HealthLeaders Meda.  Nov. 18, 2011.  http://www.healthleadersmedia.com/content/TEC-273447/CMS-Delays-HIPAA-5010-Enforcement

When protecting PHI, don't forget ubiquitous but risky back-up tapes.  AISHealth.com.  Nov. 2011 http://aishealth.com/archive/hipaa1111-06

HIPAA dangers lurk on facebook; ongoing policy revisions are advised. AISHealth.com.  Nov. 2011.  http://aishealth.com/archive/hipaa1111-03

Shaw, G.  ONC takes on patient engagement in HIT.  HealthLeaders Media.  Oct. 6, 2011.  http://www.healthleadersmedia.com/content/TEC-271773/ONC-Takes-on-Patient-Engagement-in-HIT##

Sahai, A.  Privacy in the ether.  H&HN.  Sept. 27, 2011.  http://www.hhnmag.com/hhnmag/HHNDaily/HHNDailyDisplay.dhtml?id=6080008795

As PHI goes airborne, 'cloud' vendors require special scrutiny, leap of faith.  Health Business Daily.  Sept. 16, 2011.  http://aishealth.com/archive/hipaa0911-01

Sack, K.  Patient data posted online in major breach of privacy.  New York Times.  Sept. 8, 2011.  http://www.nytimes.com/2011/09/09/us/09breach.html?_r=1&emc=tnt&tntemail0=y

Anderson, C.  A primer for health care managers:  data sanitization, equipment disposal, and electronic waste.  Health Care Manager.  30(3):266-270, July/Sept. 2011.  http://journals.lww.com/healthcaremanagerjournal/Abstract/2011/07000/A_Primer_for_Health_Care_Managers__Data.11.aspx

New data spill shows risk of online health records.  New York Times.  Aug. 21, 2011. http://www.nytimes.com/aponline/2011/08/21/technology/AP-US-TEC-Medical-Data-Minefield.html?_r=1&scp=16&sq=Health&st=nyt

Nicastro, D.  OCR undecided on including BAs in HIPAA audits.  HealthLeaders Media.  Aug. 5, 2011.  http://www.healthleadersmedia.com/content/FIN-269438/OCR-Undecided-on-Including-BAs-in-HIPAA-Audits##

Researcher:  Medical device data could be target of hackers.  iHealthBeat.  Aug. 4, 2011.  http://www.ihealthbeat.org/articles/2011/8/4/researcher-medical-device-data-could-be-target-of-hackers.aspx

Tocknell, M.  HIPAA disclosure rule comments highlight provider opposition.  HealthLeaders Media.  Aug. 1, 2011.  http://www.healthleadersmedia.com/content/HEP-269195/HIPAA-Disclosure-Rule-Comments-Highlight-Provider-Opposition

Nicastro, D.  HIPAA access reports could aid malpractice attorneys.  HealthLeaders Media.  Aug. 1, 2011.  http://www.healthleadersmedia.com/content/PHY-269194/HIPAA-Access-Reports-Could-Aid-Malpractice-Attorneys##

OCR:  Resolution agreements are likely to impose payment, corrective action plan.  AISHealth.com.  11(8):, Aug. 2011.  http://aishealth.com/archive/hipaa0811-02

Youngstrom, N.  UCLA health system settles HIPAA case over celebrity snooping.  AISHealth.com.  20(25):, July 11, 2011 http://aishealth.com/archive/rmc071111-04

HHS has chosen KPMG as the contractor that will help the Office for Civil Rights with auditing covered entities and their business associates for compliance with HIPAA privacy and security regulations. AIS Government News of the Week, July 11, 2011. http://aishealth.com/archive/rmc071111-25

Calif. hospital system settles celeb records cases.  New York:  Associated Press, July 8, 2011.  http://news.yahoo.com/calif-hospital-system-settles-celeb-records-cases-214133957.html

Kurtz, R.  Proposed HIPAA change would allow people to learn who accessed protected health information.  Becker's Hospital Review.  May 31, 2011.  http://www.beckershospitalreview.com/healthcare-information-technology/proposed-hipaa-change-would-allow-people-to-learn-who-accessed-protected-health-information.html

Irvine, K.  Clinical research and HIPAA/HITECH.  H&HN.  May 10, 2011.  http://www.hhnmag.com/hhnmag/HHNDaily/HHNDailyDisplay.dhtml?id=1520003350

Allina terminates 32 for snooping.  Health Data Management.  May 8, 2011.  http://www.healthdatamanagement.com/news/allina-privacy-security-snooping-employees-fired-42436-1.html

Nicastro, D.  Large patient information breach list climbs to 265.  HealthLeaders Media.  May 3, 2011.  http://www.healthleadersmedia.com/content/TEC-265636/Large-Patient-Information-Breach-List-Climbs-to-265

Commins, J.  Spying technology creates a HIPAA nightmare.  HealthLeaders Media.  May 2, 2011.   http://www.healthleadersmedia.com/content/HR-265584/Spying-Technology-Creates-a-HIPAA-Nightmare

During 'limbo', CEs should tighten their oversight of BAs, enhance protections.  AISHealth.  11(5):1-4, May 2011.  http://aishealth.com/archive/hipaa0511-01

Horowitz, B. Health care data breaches affect 10 million patients since fall 2009.  Health Care IT News.  Apr. 29, 2011.  http://www.eweek.com/c/a/Health-Care-IT/Health-Care-Data-Breaches-Affect-10-Million-Patients-Since-Fall-2009-809191/

Clark, C.  CA investigating latest health net data breach.   HealthLeaders Media.  Mar. 15, 2011.  http://www.healthleadersmedia.com/content/COM-263662/CA-Investigating-Latest-Health-Net-Data-Breach.html

Mass General settles HIPAA case, faces lawsuit over PHI on subway. AIS Government News of the Week, Mar. 14, 2011. [Reprinted from Report on Medicare Compliance 20(9):np, Mar. 14, 2011].  http://aishealth.com/archive/rmc031411-03[free registration required].

Anderson, H., editor.  State AGs to get HIPAA lawsuit training.  Princeton, NJ:  HealthcareInfoSecurity.com.  Mar. 10, 2011.  http://www.healthcareinfosecurity.com/articles.php?art_id=3418

Notice of Privacy Practices (Updated).  American Health Information Management Association AHIMA Practice Brief, AHIMA Journal 2/15/11.  http://library.ahima.org/xpedio/idcplg?IdcService=GET_HIGHLIGHT_INFO&QueryText=xPublishSite+%3CMatches%3E+%60BoK%60+%3CAND%3E+%28%28xSource+%3Csubstring%3E+%60AHIMA+Practice+Brief%60+%3CNOT%3E+xSource+%3Csubstring%3E+%60Practice+Brief+attachment%60%29+%3CAND%3E+dSecurityGroup+%3Csubstring%3E+%60Public%60%29&SortField=xPubDate&SortOrder=Desc&dDocName=bok1_048808&HighlightType=HtmlHighlight&dWebExtension=hcsp

Notice of Privacy Practices (Updated). Appendix A: Sample Notice of Privacy PracticesAmerican Health Information Management Association AHIMA Practice Brief appendix, 2/15/11.  http://library.ahima.org/xpedio/idcplg?IdcService=GET_HIGHLIGHT_INFO&QueryText=xPublishSite+%3CMatches%3E+%60BoK%60+%3CAND%3E+%28%28xSource+%3Csubstring%3E+%60AHIMA+Practice+Brief%60+%3CNOT%3E+xSource+%3Csubstring%3E+%60Practice+Brief+attachment%60%29+%3CAND%3E+dSecurityGroup+%3Csubstring%3E+%60Public%60%29&SortField=xPubDate&SortOrder=Desc&dDocName=bok1_048807&HighlightType=HtmlHighlight&dWebExtension=hcsp

Big Breach at NYC Hospitals. Health Data Management Breaking News, Feb. 14, 2011. http://www.healthdatamanagement.com/news/Big-Breach-at-NYC-Hospitals-41912-1.html?ET=healthdatamanagement:e1662:111840a:&st=email&utm_source=editorial&utm_medium=email&utm_campaign=HDM_Daily_021411

Nicastro, D.  OCR patient data breach list hits milestone.  HealthLeaders Media.  Jan. 24, 2011.  http://www.healthleadersmedia.com/content/TEC-261672/OCR-Patient-Data-Breach-List-Hits-Milestone.html

Nicastro, D.  Health net fined $55K for data breach.  HealthLeaders Media.  Jan. 24, 2011.  http://www.healthleadersmedia.com/content/TEC-261704/Health-Net-Fined-55K-for-Data-Breach.html

Walsh, T.  Security Risk Analysis and Management: an Overview (Updated)AHIMA Practice Brief, AHIMA Journal, 1/15/11.  http://library.ahima.org/xpedio/idcplg?IdcService=GET_HIGHLIGHT_INFO&QueryText=xPublishSite+%3CMatches%3E+%60BoK%60+%3CAND%3E+%28%28xSource+%3Csubstring%3E+%60AHIMA+Practice+Brief%60+%3CNOT%3E+xSource+%3Csubstring%3E+%60Practice+Brief+attachment%60%29+%3CAND%3E+dSecurityGroup+%3Csubstring%3E+%60Public%60%29&SortField=xPubDate&SortOrder=Desc&dDocName=bok1_048622&HighlightType=HtmlHighlight&dWebExtension=hcsp

Four Arizona Health Care Employees Terminated for HER Access Incident.  Oakland, CA:  California Healthcare Foundation.  Jan. 14, 2011.  http://www.ihealthbeat.org/articles/2011/1/14/four-arizona-health-care-employees-terminated-for-ehr-access-incident.aspx

Nicastro, D.  UMC Tucson fires 3 for privacy breaches.  HealthLeaders Media.  Jan. 14, 2011.  http://www.healthleadersmedia.com/content/TEC-261370/UMC-Tucson-Fires-3-for-Privacy-Breaches##

Data Privacy:  How Big a Compliance Challenge?  Minneapolis, MN:  Health Care Compliance Association and Society of Corporate Compliance and Ethics, Jan. 2011.  http://www.hcca-info.org/staticcontent/2011PrivacySurvey_report.pdf

Annual Report to Congress on Breaches of Unsecured Protected Health Information.  For Calendar Years 2009 and 2010.  Washington:  U.S. Department of Health and Human Services, 2011.  http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/breachrept.pdf

Ponemon Cost of Data Breach.  Smantec.  2011.  http://www.symantec.com/about/news/resources/press_kits/detail.jsp?pkid=ponemon&om_ext_cid=biz_socmed_twitter_facebook_marketwire_linkedin_2011Mar_worldwide_costofdatabreach

Miller, S. A., and Blass, G. HIPAA-before and After HITECH. Will the HITECH act increase compliance activities? Journal of Healthcare Information Management. 24(1):13-4, Winter 2010.

Packer-Tursman, J.  Surveys show that patient privacy is a growing factor as a driver of hospital patient satisfaction.  AIS Health.com.  Dec. 13, 2010.  http://www.aishealth.com/Bnow/hbd121310.html

Brown, B. Protecting the confidentiality of medical records in an interconnected environment.  Journal of Health Care Compliance. 12(6):35-38,  Nov./Dec. 2010.

For HIPAA compliance purposes, who are 'agents'?  The facts matter, but the question remains a vexing one for covered entities and business associates.  AIS Health.com.  Nov. 15, 2010.  http://www.aishealth.com/Bnow/hbd111510.html

Information Sharing in Criminal Justice-Mental Health Collaborations: Working with HIPAA and Other Privacy Laws.  Washington:  Bureau of Justice Assistance.  Oct. 2010.  http://consensusproject.org/jc_publications/info-sharing/Information_Sharing_in_Criminal_Justice-Mental_Health_Collaborations.pdf

Nicastro, D.  Janitor sells patient records for $40.  HealthLeaders Media.  Sept. 21, 2010.  http://www.healthleadersmedia.com/content/QUA-256670/Janitor-Sells-Patient-Records-for-40

Nicastro, D.  GAO:  tighter HIPAA safeguards needed at HHS.  HealthLeaders Media.  Sept. 21, 2010.  http://healthplans.hcpro.com/content.cfm?topic=HEP&content_id=256672

Clark, C.  Hospital fined $250,000 for late reporting of data breach.  HealthLeaders Media.  Sept. 9, 2010.  http://www.healthleadersmedia.com/content/TEC-256217/Hospital-Fined-250000-For-Late-Reporting-of-Data-Breach.html

Nicastro, D.  3 tips for HIPAA privacy officers.  HealthLeaders Media.  Sept. 7, 2010.  http://www.healthleadersmedia.com/content/LED-256054/3-Tips-For-HIPAA-Privacy-Officers

Nicastro, D.  Healthcare breach list hits 150 mark.  HealthLeaders Media.  Sept. 7, 2010.  http://www.healthleadersmedia.com/content/TEC-256055/Healthcare-Breach-List-Hits-150-Mark

Stronger Safeguards Needed for Contractor Access to Sensitive Information.  Washington:  United States Government Accountability Office, Sept. 2010. http://www.gao.gov/new.items/d10693.pdf

Chicago laptop theft affects 7,000HealthData Management.  Aug. 23, 2010.

Pear, R. Tighter Medical Privacy Rules SoughtNew York Times online, Aug. 22, 2010.

Nicastro, D.  Healthcare data breaches lag other industries.  HealthLeaders Media.  Aug. 20, 2010.

Heitin, L.  Simple mailing mistakes could now be HIPAA violations under new HHS fundraising rulesAIS Health.com.  Aug. 17, 2010.

Paper data breach hits four hospitalsHealth Data Management, Aug. 13, 2010.

Nicastro, D.  HITRUST: HIPAA breaches near $1 billion.  HealthLeaders Media.  Aug. 12, 2010.

How to avoid a HIPAA horror story. Healthcare Financial Management. 64(8):82-88, Aug. 2010

Brown, B. The new HIPAA: provisions of the Patient Protection and Affordable Care Act. Journal of Health Care Compliance. 12(4):35-36, July/Aug. 2010.

Gottlieb, D., and others. OCR issues proposed modifications to HIPAA privacy and security rules to implement HITECH actBecker's Ascreview.  July 28, 2010.

Nicastro, D.  Digesting the HIPAA proposed rule.  HealthLeaders Media.  July 21,2010.

Nicastro, D.  HHS addresses privacy, security concerns in HER programHealthLeaders Media.  July 16, 2010

Precautions Must be Taken to Address Privacy Risks of Popular Patient Websites.  AIS Health.Com.  July 14,2010.

Nicastro, D.  Private Practices Revealed in Patient Breach WebsiteHealthLeaders Media.  July 13,2010.

Nicastro, D.  HHS Proposes Tighter HIPAA Privacy RuleHealthLeaders Media.  July 8, 2010.

Clark, C.  Six major patient record breaches draw $675,000 in penaltiesHealthLeaders Media.  June 11, 2010.

Insurer Won't Pay for Breach. Health Data Management, Breaking News, June 9, 2010.

Preemption of the HIPAA privacy rule (updated).  Journal of AHIMA.  June 2010.  http://library.ahima.org/xpedio/groups/public/documents/ahima/bok1_048022.hcsp?dDocName=bok1_048022

Boerner, C. M. View HIPAA breaches affecting 500 or more individuals online. Journal of Health Care Compliance. 12(3):31-32, May/June 2010.

Blass, G., and Miller, S. A. Protection detail. Protecting against breach of electronic protected health information.  Journal of Healthcare Information Management. 24(3):7-8, Summer 2010.

Ostrom, C.  Law allows hospitals to use patient records for fundraisingThe SeattleTimes.  May 23,2010.

Betbeze, P.  Patient information breaches: leadership’s responsibilityHealthLeaders Media.  May 21, 2010.

Nicastro, D.  Main culprit in large patient information breaches : unencrypted laptopsHealthLeaders Media.  May 17, 2010.

Vijayan, J.  P2P networks a treasure trove of leaked health care data, study finds.  Computerworld  Blogs.  May 17,2010.

N.M. medicaid breach affects 9,600HealthData Management.  May 13, 2010.

Nicastro, D.  Experts: train employees not  to snoop: fire those who doHealthLeaders Media.  May 10, 2010.

Nicastro D.  Office for civil rights wants guidance on hitech her disclosure ruleHealthLeaders Media.  May 3, 2010.

Photos of shark victim underscore threat from cell phone cameras.  ED Management.  22(5):49-51, May 2010.

Prohibit cell phones to ensure privacy.  ED Management.  22(5):51, May 2010.

Prison for hipaa privacy violatorHealthData Management.  Apr. 28,2010.

Slow Hospital Compliance With New Regulations Causing Increased Data Breaches & Medical Indentify Theft.  Framingham, MA;   Identity Force.  April 20, 2010. 

Keteyian, A. Digital Photocopiers Loaded With Secrets: Your Office Copy Machine Might Digitally Store Thousands of Documents That Get Passed on at Resale. CBS Evening News, Apr 15, 2010.

Heitin, L.  Follow the foot traffic to locate patient privacy risks in your facility.  AIS Health.com.  Apr. 13, 2010.

Nicastro, D.  Privacy act protects some practices with patient data breachesHealthLeaders Media.  Apr. 12, 2010.

Rauber, C.  John Muir Health to notify 5,450 patients of data breach.  San Francisco Business Times.  Apr. 5, 2010.

HIMSS Report and Webcast : Security of Patient Data.  Kroll Fraud Solutions.  Apr. 5,  2010.

Gallagher, L. A. Revisiting HIPAA. Nursing Management. 41(4):34-39, Apr. 2010.

Brown, B. HIEs are using and disclosing PHI in ways that may not have been anticipated by HIPAA. Journal of Health Care Compliance. 12(2):43-44, Mar.-Apr. 2010.

Wild, K. R. The evolution of HIPAA: the only constant is change. Journal of Health Care Compliance. 12(2):33-36, Mar.-Apr. 2010.

Griffin Hospital Notifies Patients of Breach of Protected Health Information.  Derby, CT:  Griffin Health.  Mar. 29, 2010.

Nicastro, D.  Industry insiders question not revealing violators of health information breachesHealthLeaders Media.  Mar. 22, 2010.

HHS posts data breach notificationsHealth Data Management.  Feb. 23, 2010.

Nicastro, D.  OCR leader: no HIPAA enforcement schedule yetHealthLeaders Media.  Feb. 8, 2010.

Shaw, G.  Does anybody care about HIPAA anymoreHealthLeaders Media.  Feb. 10, 2010.

Nicastro, D.  Seven tips to comply with HITECH requirementsHealthLeaders Media.  Jan. 12, 2010.

Nicastro, D.  How to prevent top three health information breachesHealthLeaders Media.  Jan. 4, 2010.

2009 Annual Study: Cost of a Data Breach.  Traverse City, MI:  Ponemon Institute, LLC, Jan. 2010.

Privacy: From Barrier to Enabler of Health Information Technology. (HIT).  Washington:  National Quality Forum.  Issue Brief No. 18, Jan. 2010.

 

About AHA

Membership

Member Constituency Sections

Key Relationships

News Center

Performance Improvement

Advocacy Issues

Products & Services

Publications

Research & Trends

Locations

155 N. Wacker Dr.
Chicago, Illinois 60606
312.422.3000

800 10th Street, N.W.
Two CityCenter, Suite 400
Washington, DC 20001-4956
202.638.1100

1.800.424-4301