Transparency is key when dealing with health information breaches
HIPAA Weekly Advisor, April 12, 2010
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
Griffin Hospital’s response plan regarding its March 29 announcement of a breach of protected health information (PHI) was simple: Tell it like it is. Comply with HITECH breach notification requirements.
“We’ve always had a history of being transparent with our public reporting,” Bill Powanda, vice president at Griffin and the Derby, CT hospital’s spokesperson for the incident, tells HIPAA Update.
The breach at the 160-licensed-bed facility in Derby, CT, involves allegations that a radiologist formerly affiliated with Griffin improperly had access to the records of nearly 1,000 of the hospital’s patients.
Connecticut Attorney General (AG) Richard Blumenthal confirmed his office is investigating the case.
Powanda says Griffin staff was honest with patients and also complied with HITECH breach notification requirements by:
- Notifying the HHS secretary
- Notifying patients whose PHI was accessed in the breach
- Disclosing the information to the local media
- Posting information about the breach on Griffin’s Web site
- Notifying the Connecticut AG’s office
Read the full story on HIPAA Update.
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
Related Products
Most Popular
- Articles
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- Catch up on what's new with injections and infusions
- Identify potential Medicaid RAC target areas
- HIPAA Q&A: Level of encryption needed for email
- Topic: CMS, OESS post new security compliance review information, checklist
- Capturing all necessary codes for IUD insertion and removal can be challenging
- What does case-mix index mean to you?
- OB services: Coding inside and outside of the package
- QA:Coding multiple initial infusions
- E-mailed
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- HIPAA Q&A: Level of encryption needed for email
- Q&A: Follow CMS' coding guidelines when using modifier -25
- What does case-mix index mean to you?
- Catch up on what's new with injections and infusions
- CMS has reformulated payments for some bilateral procedures
- New conflicts of interest create new challenges
- Q/A. One injection code or two?
- ED-to-inpatient transfers are flawed with safety gaps
- Searched