Dealing with Data Breaches
Qualify for a free subscription to HealthLeaders magazine.
In response, the California legislature passed a law that imposed escalating fines on hospitals for patient privacy breaches, and the state fined UCLAHS $95,000 in 2009. One employee was indicted for selling protected health information to the National Enquirer, Feinberg says.
The Office for Civil Rights launched an investigation in 2009 and determined that, from 2005 to 2008, "unauthorized employees repeatedly looked at the electronic protected health information of numerous other UCLAHS patients," according to an OCR press release. OCR announced recently that the UCLA Health System has agreed to settle its investigation into the incident for $865,500 and also to commit to a corrective action plan aimed at remedying gaps in its HIPAA compliance. This plan requires the implementation of privacy and security policies and procedures approved by OCR, "regular and robust" training for all UCLAHS employees who use PHI, sanctioning of offending employees, and an independent monitor who will assess UCLAHS compliance with the plan over three years.
Feinberg readily admits that the UCLAHS culture of several years ago did not include sufficient respect for patient privacy, but he also says that UCLAHS was not that different from other healthcare systems at that time. Respect for patient privacy has improved greatly throughout the healthcare community, partly as a result of privacy breaches that received national attention and resulted in people losing their jobs, he says.
Coming down hard on the employees who violated patient privacy sent a strong message to staff, he says.
- As Medicare Advantage Cuts Loom, Disagreement Over Program's Stability
- Medicare Advantage Carriers See 'No Choice' But to Accept Cuts
- Centralizing the Revenue Cycle Protects the Bottom Line
- Physicians to Appeal 'Docs v. Glocks' Ruling in FL
- CA Fines 8 Hospitals for Medical Errors
- Doctors Feel Pressure to Accept Risk-based Reimbursement
- 3 Management Lessons from a Supermarket Debacle
- Surgical Checklists Unused in 10% of Hospitals, CMS Data Shows
- Employers Weigh Risks, Benefits of Private Exchanges
- Revenue Cycles Get a Boost from Simple JPEG Files