Health Information Management

Insurer must show policy to prevent PHI breach

HIM-HIPAA Insider, January 26, 2009

BlueCross BlueShield of Delaware can save on a $150,000 fine if it shows it has a policy and procedure in place to prevent a PHI breach, according to a January 6 story on the Web site.

Matt Denn, Delaware’s state insurance commissioner, levied the state’s maximum fine in December when it found the Wilmington, DL-based insurer mistakenly disclosed information of 3,800 members, the Web site reported. BlueCross BlueShield has until February 1 to show it has taken appropriate measures to prevent another breach.

BlueCross said it “gives the highest corporate priority to the protection of the information our customers entrust to us” and apologized for the “regrettable occurrence cause by a printer malfunction” in a statement to the Web site.

The violation occurred when BlueCross sent “explanation of benefit” forms to members in November that also featured information on other members, such as name, medical provider, description of service provided and their account number.

BlueCross told it was the result of a printing error, but Denn nonetheless found them in violation of two state insurance laws. One of the laws prohibits disclosure of “any nonpublic personal financial information about a consumer,” while the other requires insurers to have a system to safeguard customer information.

Read the full story in here.


1 comments on “Insurer must show policy to prevent PHI breach

Amys (6/4/2012 at 11:03 AM)
Social media is providing a new way of comcanimuting with the world. At this stage, there is world wide discussion about what the role of the modern doctor is and how he/she will fit into the modern health care setting. We need to be creating doctors who are social-media savvy and can use technology to spread knowledge and improve patient care.If hospitals want to help create a health system that fits into the modern age, is cost effective and meets the needs of its patient population, then they should be embracing internet technology rather than banning it from the wards. Given that most doctors will have access to the internet on their phones, it seems like banning particular websites is a great way to worsen the divide between management and junior doctors without actually changing any outcomes in terms of work output. Management needs to trust doctors to get the job done. As you point out, those who want to waste time will do so regardless.


Most Popular