State AGs Stepping Up HITECH Enforcement
Griffin began the investigation when patients contacted Griffin about "unsolicited contact by the physician who offered to perform professional services at another area hospital despite the patients' interest in having those services provided at Griffin Hospital."
Griffin said it has complied with HITECH breach notification requirements by:
- Notifying the HHS secretary
- Notifying patients who have had their PHI accessed in the breach
- Disclosing the information to the local media
- Posting information about the breach on Griffin's Web site
Griffin officials have also notified Blumenthal's office about the breach, changed all of the passwords for PACS users whose passwords were used without authorization, and advised all users of the need for strict password confidentiality.
Frank Ruelas, director of compliance and risk management at Maryvale Hospital and principal of HIPAA Boot Camp in Casa Grande, AZ, says bringing state AGs into the HITECH enforcement mix raises the possibility of discovered breaches to a "new level."
"I certainly can see attorney generals becoming motivated first responders to discovered breaches when compared to actions that may be taken by a federal entity. Bottom line, enforcement, or at least the threat of enforcement, is moving closer and closer to home with respect to the location of the involved covered entity," he says.
Dom Nicastro is a contributing writer. He edits the Medical Records Briefings newsletter and manages the HIPAA Update Blog.
- As Medicare Advantage Cuts Loom, Disagreement Over Program's Stability
- Doctors Feel Pressure to Accept Risk-based Reimbursement
- Surgical Checklists Unused in 10% of Hospitals, CMS Data Shows
- Centralizing the Revenue Cycle Protects the Bottom Line
- CA Fines 8 Hospitals for Medical Errors
- A Fresh Look at End-of-Life Care
- 3 in 4 Patients Want E-mail Consultations
- Heart Attack Patient Costs Skyrocket Beyond 30 Days
- ACGME Chief Sees 'Huge' Risk of Error in Proposed Assistant Physician Licensure
- 3 Insider Tips on Cutting Costs without Strangling Growth