Magazine
Intelligence Unit
Special Reports
Special Events
Subscribe/Buy
Sponsored
Departments
- Leadership
- Finance
- Technology
- Physicians
- Community Hospitals
- Health Plans
- Marketing
- Quality
- Nursing
- HR
Follow Us
Disclosure Report Could Reveal HIPAA Breaches
Qualify for a free subscription to HealthLeaders magazine.
This article appears in the January 2012 issue of HealthLeaders magazine.
A proposed rule concerning the accounting of disclosures requirement under the HIPAA Privacy Rule would give patients the right to get a report on who has electronically accessed their protected health information, and some legal experts worry that this could pose problems for healthcare providers.
People would obtain this information by requesting an access report, which would document the particular persons who electronically accessed and viewed their PHI, explains Nathan A. Kottkamp, JD, a partner with the law firm of McGuireWoods in Richmond, VA. Although covered entities are currently required by the HIPAA Security Rule to track access to electronic PHI, they are not required to share this information with people.
"It makes it that much easier to find a smoking gun demonstrating that your staff is not in compliance with HIPAA," Kottkamp says. "If I'm a covered entity, I think this rule really does scare me from a litigation perspective and a compliance perspective. I'm confident that we're going to see more litigation about breaches of privacy, and I would remind staff that they could be held directly liable for snooping in records they shouldn't have looked at. It puts them at very, very real risk of being dragged into a lawsuit."
This article appears in the January 2012 issue of HealthLeaders magazine.
Greg Freeman is a contributing writer for HealthLeaders Media.
- Urologists 'Outraged' Over PSA Test Challenge
- New Facebook Page Gathers Stories of Medical Harm
- Luxury Hospital Facilities Put Patient Experience First
- Five Hospitals Share Three Secrets to Improve Knee Surgery Outcomes
- Heartland Health Joins Mayo Clinic Network
- Beleaguered Fairview Health CEO to Retire in July
- Health Insurance Exchanges Put Defined Benefits to the Test
- Challenging Physicians to Help Improve the ED
- For hospitals and insurers, new fervor to cut costs
- The Power of Plugged-In Physicians
Comments are moderated. Please be patient.
Lynn (2/23/2012 at 10:16 AM)
As a family law attorney, I absolutely want to know who has accessed my file(s). I have represented numerous people or their spouses who work in the medical industry. My spouse's exwife also works in the medical field and we suspect she has accessed both of our files. I believe I have a right to know who has accessed my file. I feel compliance will increase if they know patients can get an audit upon request.
dnelson (1/13/2012 at 1:12 PM)
Having no right to personal action under HIPAA, the theoretical smoking gun would lead the indiviudal still having to prvove they had suffered harm. Difficult at best from someone just accessing the data. What this will lead to is having to expalin to Joan Client that Johnny Biller accessed her record six times on one day as it was necessary for processing of a heatlh claim.