Scanning the Headlines: HIPAA 2010-2011 (Archive)
Updated on October 23, 2012
Links to full-text articles are provided where available.
For information on obtaining print copies of articles, please call the AHA Resource Center at (312) 422-2050.
Rhoads, J. HIPAA update: bracing for HIPAA changes while satisfying the meaningful use requirement. FacilityCare;16(8):12-13, Nov.-Dec. 2011. http://www.mydigitalpublication.com/publication/?i=93342
Leppert, M. CMS delays HIPAA 5010 enforcement. HealthLeaders Meda. Nov. 18, 2011. http://www.healthleadersmedia.com/content/TEC-273447/CMS-Delays-HIPAA-5010-Enforcement
When protecting PHI, don't forget ubiquitous but risky back-up tapes. AISHealth.com. Nov. 2011. http://aishealth.com/archive/hipaa1111-06
HIPAA dangers lurk on facebook; ongoing policy revisions are advised. AISHealth.com. Nov. 2011. http://aishealth.com/archive/hipaa1111-03
Shaw, G. ONC takes on patient engagement in HIT. HealthLeaders Media. Oct. 6, 2011. http://www.healthleadersmedia.com/content/TEC-271773/ONC-Takes-on-Patient-Engagement-in-HIT##
Sahai, A. Privacy in the ether. H&HN. Sept. 27, 2011. http://www.hhnmag.com/hhnmag/HHNDaily/HHNDailyDisplay.dhtml?id=6080008795
As PHI goes airborne, 'cloud' vendors require special scrutiny, leap of faith. Health Business Daily. Sept. 16, 2011. http://aishealth.com/archive/hipaa0911-01
Sack, K. Patient data posted online in major breach of privacy. New York Times. Sept. 8, 2011. http://www.nytimes.com/2011/09/09/us/09breach.html?_r=1&emc=tnt&tntemail0=y
Anderson, C. A primer for health care managers: data sanitization, equipment disposal, and electronic waste. Health Care Manager. 30(3):266-270, July/Sept. 2011. http://journals.lww.com/healthcaremanagerjournal/Abstract/2011/07000/A_Primer_for_Health_Care_Managers__Data.11.aspx
New data spill shows risk of online health records. New York Times. Aug. 21, 2011. http://www.nytimes.com/aponline/2011/08/21/technology/AP-US-TEC-Medical-Data-Minefield.html?_r=1&scp=16&sq=Health&st=nyt
Nicastro, D. OCR undecided on including BAs in HIPAA audits. HealthLeaders Media. Aug. 5, 2011. http://www.healthleadersmedia.com/content/FIN-269438/OCR-Undecided-on-Including-BAs-in-HIPAA-Audits##
Researcher: Medical device data could be target of hackers. iHealthBeat. Aug. 4, 2011. http://www.ihealthbeat.org/articles/2011/8/4/researcher-medical-device-data-could-be-target-of-hackers.aspx
Tocknell, M. HIPAA disclosure rule comments highlight provider opposition. HealthLeaders Media. Aug. 1, 2011. http://www.healthleadersmedia.com/content/HEP-269195/HIPAA-Disclosure-Rule-Comments-Highlight-Provider-Opposition
Nicastro, D. HIPAA access reports could aid malpractice attorneys. HealthLeaders Media. Aug. 1, 2011. http://www.healthleadersmedia.com/content/PHY-269194/HIPAA-Access-Reports-Could-Aid-Malpractice-Attorneys##
OCR: Resolution agreements are likely to impose payment, corrective action plan. AISHealth.com. 11(8):, Aug. 2011. http://aishealth.com/archive/hipaa0811-02
Youngstrom, N. UCLA health system settles HIPAA case over celebrity snooping. AISHealth.com. 20(25):, July 11, 2011. http://aishealth.com/archive/rmc071111-04
HHS has chosen KPMG as the contractor that will help the Office for Civil Rights with auditing covered entities and their business associates for compliance with HIPAA privacy and security regulations. AIS Government News of the Week, July 11, 2011. http://aishealth.com/archive/rmc071111-25
Calif. hospital system settles celeb records cases. New York: Associated Press, July 8, 2011. http://news.yahoo.com/calif-hospital-system-settles-celeb-records-cases-214133957.html
Kurtz, R. Proposed HIPAA change would allow people to learn who accessed protected health information. Becker's Hospital Review. May 31, 2011. http://www.beckershospitalreview.com/healthcare-information-technology/proposed-hipaa-change-would-allow-people-to-learn-who-accessed-protected-health-information.html
Irvine, K. Clinical research and HIPAA/HITECH. H&HN. May 10, 2011. http://www.hhnmag.com/hhnmag/HHNDaily/HHNDailyDisplay.dhtml?id=1520003350
Allina terminates 32 for snooping. Health Data Management. May 8, 2011. http://www.healthdatamanagement.com/news/allina-privacy-security-snooping-employees-fired-42436-1.html
Nicastro, D. Large patient information breach list climbs to 265. HealthLeaders Media. May 3, 2011. http://www.healthleadersmedia.com/content/TEC-265636/Large-Patient-Information-Breach-List-Climbs-to-265
Commins, J. Spying technology creates a HIPAA nightmare. HealthLeaders Media. May 2, 2011. http://www.healthleadersmedia.com/content/HR-265584/Spying-Technology-Creates-a-HIPAA-Nightmare
During 'limbo', CEs should tighten their oversight of BAs, enhance protections. AISHealth. 11(5):1-4, May 2011. http://aishealth.com/archive/hipaa0511-01
Horowitz, B. Health care data breaches affect 10 million patients since fall 2009. Health Care IT News. Apr. 29, 2011. http://www.eweek.com/c/a/Health-Care-IT/Health-Care-Data-Breaches-Affect-10-Million-Patients-Since-Fall-2009-809191/
Clark, C. CA investigating latest health net data breach. HealthLeaders Media. Mar. 15, 2011. http://www.healthleadersmedia.com/content/COM-263662/CA-Investigating-Latest-Health-Net-Data-Breach.html
Mass General settles HIPAA case, faces lawsuit over PHI on subway. AIS Government News of the Week, Mar. 14, 2011. [Reprinted from Report on Medicare Compliance 20(9):np, Mar. 14, 2011]. http://aishealth.com/archive/rmc031411-03[free registration required].
Anderson, H., editor. State AGs to get HIPAA lawsuit training. Princeton, NJ: HealthcareInfoSecurity.com. Mar. 10, 2011. http://www.healthcareinfosecurity.com/articles.php?art_id=3418
Notice of Privacy Practices (Updated). American Health Information Management Association AHIMA Practice Brief, AHIMA Journal 2/15/11. http://library.ahima.org/xpedio/idcplg?IdcService=GET_HIGHLIGHT_INFO&QueryText=xPublishSite+%3CMatches%3E+%60BoK%60+%3CAND%3E+%28%28xSource+%3Csubstring%3E+%60AHIMA+Practice+Brief%60+%3CNOT%3E+xSource+%3Csubstring%3E+%60Practice+Brief+attachment%60%29+%3CAND%3E+dSecurityGroup+%3Csubstring%3E+%60Public%60%29&SortField=xPubDate&SortOrder=Desc&dDocName=bok1_048808&HighlightType=HtmlHighlight&dWebExtension=hcsp
Notice of Privacy Practices (Updated). Appendix A: Sample Notice of Privacy Practices. American Health Information Management Association AHIMA Practice Brief appendix, 2/15/11. http://library.ahima.org/xpedio/idcplg?IdcService=GET_HIGHLIGHT_INFO&QueryText=xPublishSite+%3CMatches%3E+%60BoK%60+%3CAND%3E+%28%28xSource+%3Csubstring%3E+%60AHIMA+Practice+Brief%60+%3CNOT%3E+xSource+%3Csubstring%3E+%60Practice+Brief+attachment%60%29+%3CAND%3E+dSecurityGroup+%3Csubstring%3E+%60Public%60%29&SortField=xPubDate&SortOrder=Desc&dDocName=bok1_048807&HighlightType=HtmlHighlight&dWebExtension=hcsp
Big Breach at NYC Hospitals. Health Data Management Breaking News, Feb. 14, 2011. http://www.healthdatamanagement.com/news/Big-Breach-at-NYC-Hospitals-41912-1.html?ET=healthdatamanagement:e1662:111840a:&st=email&utm_source=editorial&utm_medium=email&utm_campaign=HDM_Daily_021411
Nicastro, D. OCR patient data breach list hits milestone. HealthLeaders Media. Jan. 24, 2011. http://www.healthleadersmedia.com/content/TEC-261672/OCR-Patient-Data-Breach-List-Hits-Milestone.html
Nicastro, D. Health net fined $55K for data breach. HealthLeaders Media. Jan. 24, 2011. http://www.healthleadersmedia.com/content/TEC-261704/Health-Net-Fined-55K-for-Data-Breach.html
Walsh, T. Security Risk Analysis and Management: an Overview (Updated). AHIMA Practice Brief, AHIMA Journal, 1/15/11. http://library.ahima.org/xpedio/idcplg?IdcService=GET_HIGHLIGHT_INFO&QueryText=xPublishSite+%3CMatches%3E+%60BoK%60+%3CAND%3E+%28%28xSource+%3Csubstring%3E+%60AHIMA+Practice+Brief%60+%3CNOT%3E+xSource+%3Csubstring%3E+%60Practice+Brief+attachment%60%29+%3CAND%3E+dSecurityGroup+%3Csubstring%3E+%60Public%60%29&SortField=xPubDate&SortOrder=Desc&dDocName=bok1_048622&HighlightType=HtmlHighlight&dWebExtension=hcsp
Four Arizona Health Care Employees Terminated for HER Access Incident. Oakland, CA: California Healthcare Foundation. Jan. 14, 2011. http://www.ihealthbeat.org/articles/2011/1/14/four-arizona-health-care-employees-terminated-for-ehr-access-incident.aspx
Nicastro, D. UMC Tucson fires 3 for privacy breaches. HealthLeaders Media. Jan. 14, 2011. http://www.healthleadersmedia.com/content/TEC-261370/UMC-Tucson-Fires-3-for-Privacy-Breaches##
Data Privacy: How Big a Compliance Challenge? Minneapolis, MN: Health Care Compliance Association and Society of Corporate Compliance and Ethics, Jan. 2011. http://www.hcca-info.org/staticcontent/2011PrivacySurvey_report.pdf
Annual Report to Congress on Breaches of Unsecured Protected Health Information. For Calendar Years 2009 and 2010. Washington: U.S. Department of Health and Human Services, 2011. http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/breachrept.pdf
Ponemon Cost of Data Breach. Smantec. 2011. http://www.symantec.com/about/news/resources/press_kits/detail.jsp?pkid=ponemon&om_ext_cid=biz_socmed_twitter_facebook_marketwire_linkedin_2011Mar_worldwide_costofdatabreach
Miller, S. A., and Blass, G. HIPAA-before and After HITECH. Will the HITECH act increase compliance activities? Journal of Healthcare Information Management. 24(1):13-4, Winter 2010.
Packer-Tursman, J. Surveys show that patient privacy is a growing factor as a driver of hospital patient satisfaction. AIS Health.com. Dec. 13, 2010. http://www.aishealth.com/Bnow/hbd121310.html
Brown, B. Protecting the confidentiality of medical records in an interconnected environment. Journal of Health Care Compliance. 12(6):35-38, Nov./Dec. 2010.
For HIPAA compliance purposes, who are 'agents'? The facts matter, but the question remains a vexing one for covered entities and business associates. AIS Health.com. Nov. 15, 2010. http://www.aishealth.com/Bnow/hbd111510.html
Information Sharing in Criminal Justice-Mental Health Collaborations: Working with HIPAA and Other Privacy Laws. Washington: Bureau of Justice Assistance. Oct. 2010. http://consensusproject.org/jc_publications/info-sharing/Information_Sharing_in_Criminal_Justice-Mental_Health_Collaborations.pdf
Nicastro, D. Janitor sells patient records for $40. HealthLeaders Media. Sept. 21, 2010. http://www.healthleadersmedia.com/content/QUA-256670/Janitor-Sells-Patient-Records-for-40
Nicastro, D. GAO: tighter HIPAA safeguards needed at HHS. HealthLeaders Media. Sept. 21, 2010. http://healthplans.hcpro.com/content.cfm?topic=HEP&content_id=256672
Clark, C. Hospital fined $250,000 for late reporting of data breach. HealthLeaders Media. Sept. 9, 2010. http://www.healthleadersmedia.com/content/TEC-256217/Hospital-Fined-250000-For-Late-Reporting-of-Data-Breach.html
Nicastro, D. 3 tips for HIPAA privacy officers. HealthLeaders Media. Sept. 7, 2010. http://www.healthleadersmedia.com/content/LED-256054/3-Tips-For-HIPAA-Privacy-Officers
Nicastro, D. Healthcare breach list hits 150 mark. HealthLeaders Media. Sept. 7, 2010. http://www.healthleadersmedia.com/content/TEC-256055/Healthcare-Breach-List-Hits-150-Mark
Stronger Safeguards Needed for Contractor Access to Sensitive Information. Washington: United States Government Accountability Office, Sept. 2010. http://www.gao.gov/new.items/d10693.pdf
Chicago laptop theft affects 7,000. HealthData Management. Aug. 23, 2010.
Pear, R. Tighter Medical Privacy Rules Sought. New York Times online, Aug. 22, 2010.
Nicastro, D. Healthcare data breaches lag other industries. HealthLeaders Media. Aug. 20, 2010.
Heitin, L. Simple mailing mistakes could now be HIPAA violations under new HHS fundraising rules. AIS Health.com. Aug. 17, 2010.
Paper data breach hits four hospitals. Health Data Management, Aug. 13, 2010.
Nicastro, D. HITRUST: HIPAA breaches near $1 billion. HealthLeaders Media. Aug. 12, 2010.
How to avoid a HIPAA horror story. Healthcare Financial Management. 64(8):82-88, Aug. 2010
Brown, B. The new HIPAA: provisions of the Patient Protection and Affordable Care Act. Journal of Health Care Compliance. 12(4):35-36, July/Aug. 2010.
Gottlieb, D., and others. OCR issues proposed modifications to HIPAA privacy and security rules to implement HITECH act. Becker's Ascreview. July 28, 2010.
Nicastro, D. Digesting the HIPAA proposed rule. HealthLeaders Media. July 21,2010.
Nicastro, D. HHS addresses privacy, security concerns in HER program. HealthLeaders Media. July 16, 2010
Precautions Must be Taken to Address Privacy Risks of Popular Patient Websites. AIS Health.Com. July 14,2010.
Nicastro, D. Private Practices Revealed in Patient Breach Website. HealthLeaders Media. July 13,2010.
Nicastro, D. HHS Proposes Tighter HIPAA Privacy Rule. HealthLeaders Media. July 8, 2010.
Clark, C. Six major patient record breaches draw $675,000 in penalties. HealthLeaders Media. June 11, 2010.
Preemption of the HIPAA privacy rule (updated). Journal of AHIMA. June 2010. http://library.ahima.org/xpedio/groups/public/documents/ahima/bok1_048022.hcsp?dDocName=bok1_048022
Boerner, C. M. View HIPAA breaches affecting 500 or more individuals online. Journal of Health Care Compliance. 12(3):31-32, May/June 2010.
Blass, G., and Miller, S. A. Protection detail. Protecting against breach of electronic protected health information. Journal of Healthcare Information Management. 24(3):7-8, Summer 2010.
Ostrom, C. Law allows hospitals to use patient records for fundraising. The SeattleTimes. May 23,2010.
Betbeze, P. Patient information breaches: leadership’s responsibility. HealthLeaders Media. May 21, 2010.
Nicastro, D. Main culprit in large patient information breaches : unencrypted laptops. HealthLeaders Media. May 17, 2010.
Vijayan, J. P2P networks a treasure trove of leaked health care data, study finds. Computerworld Blogs. May 17,2010.
N.M. medicaid breach affects 9,600. HealthData Management. May 13, 2010.
Nicastro, D. Experts: train employees not to snoop: fire those who do. HealthLeaders Media. May 10, 2010.
Nicastro D. Office for civil rights wants guidance on hitech her disclosure rule. HealthLeaders Media. May 3, 2010.
Photos of shark victim underscore threat from cell phone cameras. ED Management. 22(5):49-51, May 2010.
Prohibit cell phones to ensure privacy. ED Management. 22(5):51, May 2010.
Prison for hipaa privacy violator. HealthData Management. Apr. 28,2010.
Slow Hospital Compliance With New Regulations Causing Increased Data Breaches & Medical Indentify Theft. Framingham, MA; Identity Force. April 20, 2010.
Keteyian, A. Digital Photocopiers Loaded With Secrets: Your Office Copy Machine Might Digitally Store Thousands of Documents That Get Passed on at Resale. CBS Evening News, Apr 15, 2010.
Heitin, L. Follow the foot traffic to locate patient privacy risks in your facility. AIS Health.com. Apr. 13, 2010.
Nicastro, D. Privacy act protects some practices with patient data breaches. HealthLeaders Media. Apr. 12, 2010.
Rauber, C. John Muir Health to notify 5,450 patients of data breach. San Francisco Business Times. Apr. 5, 2010.
HIMSS Report and Webcast : Security of Patient Data. Kroll Fraud Solutions. Apr. 5, 2010.
Gallagher, L. A. Revisiting HIPAA. Nursing Management. 41(4):34-39, Apr. 2010.
Brown, B. HIEs are using and disclosing PHI in ways that may not have been anticipated by HIPAA. Journal of Health Care Compliance. 12(2):43-44, Mar.-Apr. 2010.
Wild, K. R. The evolution of HIPAA: the only constant is change. Journal of Health Care Compliance. 12(2):33-36, Mar.-Apr. 2010.
Griffin Hospital Notifies Patients of Breach of Protected Health Information. Derby, CT: Griffin Health. Mar. 29, 2010.
Nicastro, D. Industry insiders question not revealing violators of health information breaches. HealthLeaders Media. Mar. 22, 2010.
HHS posts data breach notifications. Health Data Management. Feb. 23, 2010.
Nicastro, D. OCR leader: no HIPAA enforcement schedule yet. HealthLeaders Media. Feb. 8, 2010.
Shaw, G. Does anybody care about HIPAA anymore. HealthLeaders Media. Feb. 10, 2010.
Nicastro, D. Seven tips to comply with HITECH requirements. HealthLeaders Media. Jan. 12, 2010.
Nicastro, D. How to prevent top three health information breaches. HealthLeaders Media. Jan. 4, 2010.
2009 Annual Study: Cost of a Data Breach. Traverse City, MI: Ponemon Institute, LLC, Jan. 2010.
Privacy: From Barrier to Enabler of Health Information Technology. (HIT). Washington: National Quality Forum. Issue Brief No. 18, Jan. 2010.