HIPAA officers can learn from Google's handling of snooper
HIPAA Weekly Advisor, September 20, 2010
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
Google said Tuesday it fired an employee earlier this year for “violating its policies on accessing the accounts of its users,” according to cnet news.
The employee, David Barksdale, who worked as an engineer in Google’s Seattle offices, broke into the Gmail and Google Voice accounts of several children, the report says.
Though this is not related to PHI or HIPAA, privacy and security officers should take note of Google’s swift response. Snooping at patient records is an ongoing issue for covered entities (see related item in this e-Newsletter).
“We dismissed David Barksdale for breaking Google’s strict internal privacy policies,” Google’s Bill Coughran, senior vice president of engineering, said in a statement. “We carefully control the number of employees who have access to our systems, and we regularly upgrade our security controls–for example, we are significantly increasing the amount of time we spend auditing our logs to ensure those controls are effective. That said, a limited number of people will always need to access these systems, if we are to operate them properly–which is why we take any breach so seriously.”
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
Related Products
Most Popular
- Articles
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- Catch up on what's new with injections and infusions
- Identify potential Medicaid RAC target areas
- HIPAA Q&A: Level of encryption needed for email
- Topic: CMS, OESS post new security compliance review information, checklist
- Capturing all necessary codes for IUD insertion and removal can be challenging
- What does case-mix index mean to you?
- QA:Coding multiple initial infusions
- OB services: Coding inside and outside of the package
- E-mailed
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- HIPAA Q&A: Level of encryption needed for email
- Q&A: Follow CMS' coding guidelines when using modifier -25
- What does case-mix index mean to you?
- Catch up on what's new with injections and infusions
- CMS has reformulated payments for some bilateral procedures
- New conflicts of interest create new challenges
- Q/A. One injection code or two?
- ED-to-inpatient transfers are flawed with safety gaps
- Searched