Health Information Management

Data privacy in 2009: Expect stepped up red-flag enforcement

HIM-HIPAA Insider, January 12, 2009

With their May 1 policy and procedure implementation deadline fast approaching, the “red flag rules” should be on your radar by now.

In a January 2 report by Finance and Commerce, a Minnesota attorney stressed the need for HIPAA privacy and security officers to be particularly alert with respect to identity theft cases in 2009.

“Even some of the current administration’s investigations by the OIG indicated HIPAA enforcement hasn’t been what it should be,” Jud DeLoss, Esq., told Finance and Commerce, citing the New Hampshire Department of Health’s accidental release of 9,000 names and Social Security numbers. DeLoss says healthcare organizations should:

Ensure they have ID-theft prevention programs in place

Create requirements for credit reports

Establish policies pertaining to the use of debit cards, credit cards and “smart” cards

Read the full story here.


0 comments on “Data privacy in 2009: Expect stepped up red-flag enforcement


Most Popular