Magazine
Intelligence Unit
Special Reports
Special Events
Subscribe
Sponsored
Departments
- Leadership
- Finance
- Technology
- Physicians
- Community Hospitals
- Health Plans
- Marketing
- Quality
- Nursing
- HR
Follow Us
Dealing with Data Breaches
Qualify for a free subscription to HealthLeaders magazine.
In response, the California legislature passed a law that imposed escalating fines on hospitals for patient privacy breaches, and the state fined UCLAHS $95,000 in 2009. One employee was indicted for selling protected health information to the National Enquirer, Feinberg says.
The Office for Civil Rights launched an investigation in 2009 and determined that, from 2005 to 2008, "unauthorized employees repeatedly looked at the electronic protected health information of numerous other UCLAHS patients," according to an OCR press release. OCR announced recently that the UCLA Health System has agreed to settle its investigation into the incident for $865,500 and also to commit to a corrective action plan aimed at remedying gaps in its HIPAA compliance. This plan requires the implementation of privacy and security policies and procedures approved by OCR, "regular and robust" training for all UCLAHS employees who use PHI, sanctioning of offending employees, and an independent monitor who will assess UCLAHS compliance with the plan over three years.
Feinberg readily admits that the UCLAHS culture of several years ago did not include sufficient respect for patient privacy, but he also says that UCLAHS was not that different from other healthcare systems at that time. Respect for patient privacy has improved greatly throughout the healthcare community, partly as a result of privacy breaches that received national attention and resulted in people losing their jobs, he says.
Coming down hard on the employees who violated patient privacy sent a strong message to staff, he says.
- $6.4B Henry Ford, Beaumont Merger Failed on Cultural Hurdles
- How Chargemaster Data May Affect Hospital Revenue
- House Lawmakers Grill CMS Over Health Exchange Navigators
- Fortunately, Angelina Jolie Isn't On Medicare
- Don't Let Nurses Sink Your Bottom Line
- ED Physicians Key to Half of Hospital Admissions
- Insurer's App Aims to Lower Healthcare Costs, Securely
- Primary Care Docs Average More Hospital Revenue Than Specialists
- Uncompensated Care Faces a Double Hit in Some States
- 69% of Employers Plan to Offer Healthcare Coverage After 2014
Comments are moderated. Please be patient.
Stephen Dailey (1/18/2012 at 12:16 PM)
David: One component of Data Breeches that you did not comment upon is those breaches that do not occur at the provider faciilty and staff level. As a consultant for the Blue Cross and Blue Shield Association in 1994 and 1995 it was routine to access and use Hillary Clinton's Health Insurance Records to introduce staff to the National Accounts Claim System. I recall what I was shown in her insurance claims but will not share it. I was horrified. If health professionals have difficulty keeping their mouths shut and maintaining confidentiality, imagine the mountain 3rd party insurance payors must climb with simple claims examiners looking at records. Sure there are by now changes in policy in place but just imagine. Stephen Giles Dailey, FACHE 3729 Rhetts Landing Belleville, IL 62221