Scanning the Headlines: HIPAA 2009 (Archive)

Updated on August 23, 2010

Click here for HIPAA latest bibliography

Links to full-text articles are provided where available.
For information on obtaining print copies of articles, please call the
AHA Resource Center at (312) 422-2050.

Nicastro, D.  Stay vigilant to comply with HIPAA's internal sanction regulationHealthLeaders Media.  Dec. 31, 2009.

HIMSS Patient Identity Integrity Work Group. Patient identity integrity: a white paper. Chicago: Health Information Management and Systems Society, Dec. 2009.

Two data security breaches give state attorneys general a chance to exercise their new HIPAA powersAIS  Dec. 9, 2009.

Stevenson, G., and Valenta, A. L. Securing ePHI. Journal of Health Information Management. 23(4):46-53, Fall 2009.

Doe, B. HITECH meets HIPAA. Journal of Health Information Management. 23(4):15-16, Fall 2009.

The new privacy-breach notification rule.  MGMA Connexion. 9(10):26-28, Nov./Dec. 2009.

Parmigiani, J. Communicating security efforts. Informing consumers of data protection programs helps build trust. Journal of AHIMA. 80(11):56-57, Nov./Dec. 2009.

Sturdevant, M.  1.5 million medical files at risk in health net data breachHartford Courant.  Nov. 19, 2009.

Nicastro, D. Eight tips to polish your hospital's patient breach responseHealthLeaders Media. Nov. 18, 2009.

Nicastro, D. Four steps to manage patient information breaches. HealthLeaders Media. Nov. 17, 2009.

Nicastro, D. Five ways to prevent patient information breaches. HealthLeaders Media. Nov. 16, 2009.

Health plans face HIPAA privacy rule changes under the new genetic information nondiscrimination actAIS  Nov. 10, 2009.

Nicastro, D. HHS breach notification interim final rule; Form your incident response team, set policies and procedures to comply with new federal HIPAA regulationsHCPro White Paper, Nov. 2009.

2009 HIMSS Analytics Report: Evaluating HITECH's Impact on Healthcare Privacy and Security.  Chicago:  HIMSS Analytics, Nov. 2009. 

Goedert, J. HHS Issues HIPAA Enforcement Rule. Health Data Management, Breaking News, Oct. 30, 2009.

Ponemon Institute LLC. Electronic health information at risk: a study of IT practitioners. San Jose, CA: LogLogic,  Oct. 15, 2009.

Collins, E., editor.  It's time for HIPAA covered entities to update their policies on the use of cell phones and camerasAIS  Oct. 12, 2009.

HIPAA Code Set Rule: ICD-10 Implementation.  Chicago:  American Hospital Association.  Oct. 9, 2009.  [AHA Members Only].

Nicastro, D.  Congressmen want HIPAA harm threshold eliminatedHealthLeaders Media.  Oct. 9, 2009.

Nicastro, D. Time to check dangers of social networking. HealthLeaders Media. Oct. 8, 2009.

Berry, E.  850,000 doctors could be hit by potential data breach from insurer's stolen laptopAmerican Medical News, posted on web Oct. 6, 2009.

Nicastro, D. How to submit notice of a patient information breachHealthLeaders Media. Oct. 2, 2009.

Health data breach rules become effectiveHealth Data Management.  Sept. 23, 2009.

Nicastro, D. Four HIPAA compliance tips for business associates. HealthLeaders Media. Sept. 9, 2009.

Nicastro, D.  Is HIPAA's new harm threshold good news or bad?  HealthLeaders Media.  Aug. 28, 2009.

Security Breach Notification Rule Issued by HHS; Sept. 23 Deadline Set for Reporting 'Significant Risk'AIS  Aug. 27, 2009.

CMS's Summary of Its HIPAA Security Reviews Implies Encryption and Employee Background Checks May Be Required. AIS  Aug. 14, 2009.

Nicastro, D. Office for Civil Rights to hire HIPAA privacy enforcers. HealthLeaders Media. Aug. 12, 2009.

Nicastro, D. HIPAA compliance starts with c-suite. HealthLeaders Media. Aug. 10, 2009.

Nicastro, D.  OCR's HIPAA enforcement: more bark or bite?  HealthLeaders Media.  Aug. 4, 2009.

Nicastro, D.  Sebelius shifts HIPAA security rule enforcement to civil rights officeHealthLeaders Media.  Aug. 3, 2009.

Dimick, C. California’s privacy pile-up.  Journal of AHIMA. 80(8):44-48, Aug. 2009.

Brown, B. New technologies have created new threats to electronic protected health information.  Journal of Health Care Compliance. 11(4):35-46, July/Aug. 2009.

Nicastro, D.  Beware of more stringent state HIPAA laws. HealthLeaders Media. July 24, 2009.

Three plead guilty to HIPAA violationsHealth Data Management.  July 22, 2009.

Collins, E.  The encryption of patient health records is crucial with new laws and growing patient desire to e-mail their physiciansAIS  July 17, 2009.

Nicastro, D.  New HIPAA jobs: enforcers or policy-makers? HealthLeaders Media.  July 17, 2009.

Nicastro, D.  Eight tips to get your business associates to comply with HIPAA. HealthLeaders Media. July 16, 2009.

Commins, J.  Hospital slapped with second six-figure fine for records breach in two monthsHealthLeaders Media.  July 16, 2009.

Collins, E.  New federal, state laws raise the stakes when dealing with employees who snoop into patient health informationAIS  July 15, 2009.

Nicastro, D.  Six tips to comply with HIPAAHealthLeaders Media.  July 6, 2009.

Rinehart-Thompson, L. A. Amendments to FERPA regulations. Journal of AHIMA. 80(7):56-57, July 2009.

Miller, A. R., and Tucker, C. Privacy protection and technology diffusion: the case of electronic medical records. Management Science. 55(7):1077-1093, July 2009.

Nicastro, D.  Hospitals should review their HIPAA sanctions policy.  Healthleaders Media.  June 29, 2009.

Eramo, L.  HIPAA 5010 requires IT to do more with fewer resourcesHealthLeaders Media.  June 25, 2009.

Medical identity theft concerns grow as EHR adoption increasesiHealthBeat.  June 15, 2009.

Konrad, W.  Medical problems could include identity theftNew York Times.  June 12, 2009.

Hayes, H.  HIPAA: best if used by...  Healthcare Information and Management Systems Society.  June 12, 2006.

Collins, E.  Calif. Hands down maximum $250,000 penalty for employee snooping into patient records at Kaiser Permanente Bellflower Medical CenterAIS  June 10, 2009.

Nicastro, D.  CVS works on patient privacy improvements following fine. Healthleaders Media.   June 1, 2009.

Nicastro, D.  Business associates and HIPAAHCPro White Paper, June 2009.

McKinney, M. HIPAA and hitech; tighter control of patient data. Hospitals & Health Networks. 83(6):50-52, June 2009.

Mertz, K. Enabling HIE while protecting privacy. An overview of state legislative approaches. Journal of AHIMA. 80(6):50-51, 57, June 2009.

D’Emanuele, R.C., Soshnik, J.T., and Bomash, K.  Major changes to HIPAA security and privacy rules enacted in economic stimulus package.  Health Lawyers News.  13(6):32-38, June 2009.

HIPAA: 43,691 privacy complaints and counting. Journal of AHIMA. 80(6):58, June 2009.

Boerner, C. President Obama’s stimulus bill and its effect on HIPAA privacy and security.  Journal of Health Care Compliance. 11(3):35-36, May/June 2009.

Brown, B. Privacy provisions of the American Recovery and Reinvestment Act.  Journal of Health Care Compliance. 11(3):37-38, May/June 2009.

Maffeo, M. The relationship of privacy provisions in the stimulus bill to health information technology. Journal of Health Care Compliance. 11(3):55-56, May/June 2009.

Lang, R.D.  The HIPAA security rule.  Journal of Healthcare Information Management.  23(2):2-3, Spring 2009.

Marshall, G.F., Gillespie, W., and Fox, S.J.  Privacy and security in Pennsylvania.  Journal of Healthcare Information Management.  23(2):38-44, Spring 2009.

Wright, M.G.  HIPAA, Sarbanes-Oxley, IRS, USPS and the States: Juggling Complicated U.S. Regulations.  AHP Journal:30-34, Spring 2009.

Eramo, L.  HIPAA 5010 is one small, but necessary step toward ICD-10Healthleaders Media.  May 22, 2009.

Nicastro, D.  HIPAA enforcement promises, but lacks specificsHealthleaders Media.  May 22, 2009.

Collins, E. Accounting for disclosures in electronic health records could be a time bomb waiting for HIPAA covered entities. Report on Patient Privacy, May 18, 2009.

Commins, J.  Fawcett’s cancer battle highlights need for privacy.  Healthleaders Media.  May 11, 2009.

Nicastro, D. Training, Identifying Discrepancies Are Key in Red Flags RuleHealthLeaders Media. May 6, 2009.

Commins, J.  Hacker holding Virginia health records for $10 million ransomHealthleaders Media.  May 5, 2009.

Harris, S.  Stimulus package alters HIPAA rules for business associatesAmerican Medical News.  May 4, 2009.

The Impact of Federal Stimulus Efforts on the Privacy and Security of Health Information in California.  Issue Brief.  Oakland, CA:  California Healthcare Foundation, May 2009.

Rode, D.  Recovery and privacy: why a law about the economy is the biggest thing since HIPAA.  Journal of AHIMA.  80(5):42-44, May 2009.

The Impact of Federal Stimulus Efforts on the Privacy and Security of Health Information in California.  Oakland, CA: California Healthcare Foundation, May 2009.

Sanction guidelines for privacy and security breaches: practice brief.  Journal of AHIMA.  80(5):57-62, May 2009.

Nicastro, D.  HHS issues draft guidance on securing PHIHealthLeaders Media.  Apr. 21, 2009.

FTC Publishes Proposed Breach Notification Rule for Electronic Health Information.  Federal Trade Commission, Apr. 16, 2009.

Commins, J.  Octomom Records Breach a Lesson in Patient PrivacyHealthLeaders Media.  Apr. 6, 2009.

Nicastro, D.  HITECH Act and HIPAAHCPro White Paper, Apr. 2009.

Barclay, J., and Barclay, L.  Mitigating identity theft in hospitals and health systems--having robust HIPAA policies and procedures is a good start to compliance with the FTS's identity theft "red flag" rule.   Hospitals and Health Systems Rx.  11(1):9-12, Apr. 2009.

Brown, B.  Improving the privacy and security of personal health records.  Journal of Health Care Compliance.  11(2):39-40, Mar./Apr. 2009.

Michelman, A.  An update on what is being done to keep protected health information service.  Journal of Health Care Compliance.  11(2):57-58, Mar./Apr. 2009.

Dimitropoulos, L,, and Rizk, S.  A state-based approach to privacy and security for interoperable health information exchange.  Health Affairs.  28(2):428-434, Mar./Apr. 2009.

McGraw, D., and others.  Privacy as an enabler, not an impediment:  building trust into health information exchange.  Health Affairs.  28(2):416-427, Mar./Apr. 2009.

McDonald, C.  Protecting patients in health information exchange: a defense of the HIPAA privacy ruleHealth Affairs.  28(2):447-449, Mar./Apr. 2009.

Kendall, D.  Protecting patients privacy through health records trustsHealth Affairs.   28(2):444-446, Mar./Apr. 2009.

Greenberg, M., Ridgely, M., and Hillestad, R.  Crossed wires: how yesterday's privacy rules might undercut tomorrow's nationwide health information networkHealth Affairs.  28(2):450-452, Mar./Apr. 2009.

Patients' privacy and data securityHealth Affairs.  28(2):415, Mar./Apr. 2009.

McGraw, D., and others.  Privacy as an enabler, not an impediment: building trust into health information exchangeHealth Affairs.  28(2):416-427, Mar./Apr. 2009.

Dimitropoulos, L., and Rizk, S.  A state-based approach to privacy and security for interoperable health information exchange.  Health Affairs.   28(2):428-434, Mar./Apr.2009.

Tripathi, M., and others.  Engaging patients for health information exchangeHealth Affairs.  28(2):435-443, Mar./Apr. 2009.

Goedert, J.  Kaiser Fires 15 for Accessing Suleman FilesHealth Data Management.  Mar. 31, 2009.

Gellman, R.  Patient’s Guide to HIPAA: How to Use the Law to Guard your Health Privacy. Cardiff by the Sea, CA: World Privacy Forum, Mar. 31, 2009.

Prepare for HIPAA hot spots.  Briefings on HIPAA.  Mar. 12, 2009.

Report on Patient Privancy:  Major Research Association Reports That HIPAA Privacy Rule Is Harming Research.   Washington:  Atlantic Information Services, Inc., Feb. 12, 2009.

Dimick, C.  Untangling privacy.  Journal of AHIMA.  80(2):36-39, Feb. 2009.

Dimick, C.  Sounding the alarm:  knowing when to notify patients of a data breach can be unclear.  Journal of AHIMA.  80(2):20-26, Feb. 2009.

Hofman, J.  Surviving a CMS security investigation.  Journal of AHIMA.  80(2):42-45, Feb. 2009.

Redisclosure of patient health information (updated).  Journal of AHIMA.  80(2):51-54, Feb. 2009.

Featheringham, M.  A renewed focus on HIPAA.  Journal of AHIMA.  80(2):74, Feb. 2009.

HIPAA Covered Entities Still Wrestle With Questions About When to Release Patient Information to Law Enforcement.  Report on Patient Privacy, Jan. 26, 2009.

Brown, B.  A kinder, gentler health and human services.  Journal of Health Care Compliance.  11(1):35-36, Jan./Feb. 2009.

Tomes, J.  You are not just a HIPAA covered entity-you may be a red flag covered entity as well!  Journal of Health Care Compliance.  11(1):5-12, Jan./Feb. 2009.

Rethinking the Role of Consent in Protecting Health Information Privacy. Washington:  Center for Democracy and Technology, Jan. 2009.

Dimick, C.  Keeping HIPAA education fresh.  Journal of AHIMA.  80(1):34, Jan. 2009.

Herrin, B.  Releasing information of deceased patients.  Journal of AHIMA.  80(1):52-53, Jan. 2009.

Dinh, A.  Securing portable devices.  Journal of AHIMA.  80(1):56-58, Jan. 2009.

Beyond the HIPAA Privacy Rule.  Washington:  The National Academies Press, 2009.  (WX 173 B573 2009).

Dixon, P. Podcast: The Dangers of Medical Identify Theft. Woburn, MA: World Congress, 2009.

Yost, D. Podcast: What a Stolen Laptop Computer has to do with Healthcare. Woburn, MA: World Congress, 2009.

Coffield, R. Podcast: Protecting the Patients from Medical Identity Theft. Woburn, MA: World Congress, 2009.

Nass, S., Levit, L., and Gostin, L., editors.  Beyond the HIPAA Privacy Rule: Enhancing Privacy, Improving Health Through Research.  Washington:  The National Academies Press, 2009.

Communicating With A Patient's Family, Friends, or Others Involved in the Patient's Care.  Washington:  U.S. Department of Health and Human Services, Office of Civil Rights, 2009.

When Health Care Providers May Communicate About You With Your Family, Friends, or Others Involved in Your Care.  Washington:  U.S. Department of Health and Human Services, Office of Civil Rights, 2009.

HIPAA Creating Barriers to Research and Discovery.  Washington:  Association of Academic Health Centers, 2009.

Steinberg, M., and Rubin, E.  The HIPAA Privacy Rule: Lacks Patient Benefit, Impedes Research Growth.  Washington: Association of Academic Health Centers, 2009.


About AHA


Member Constituency Sections

Key Relationships

News Center

Performance Improvement

Advocacy Issues

Products & Services


Research & Trends


155 N. Wacker Dr.
Chicago, Illinois 60606

800 10th Street, N.W.
Two CityCenter, Suite 400
Washington, DC 20001-4956