Recently, a law suit was filed against Aetna in a federal court in Pennsylvania alleging that Aetna repeatedly failed to respect the privacy rights of people on HIV-medications. This is not the first law suit brought against Aetna for violation of privacy laws. A prior law suit alleged that Aetna jeopardized the privacy of its
Faxing medical records? Be prepared for legal actions if not done properly.
A New York man filed a $2.5 million negligence suit against a hospital after it “carelessly faxed his medical records to his office mailroom,” revealing that he was living with HIV. The New York Daily News’ report.
The man specifically asked the provider to mail the documents to a post office box, instead, the hospital
Hacking medical devices, possible?
The federal government reported that in 2016 the healthcare industry experienced 106 hacker-attributed data breaches. Around $2.8 billion was spent on cleaning up hacking incidents. Nowadays medical devices are connected to the internet (and therefore are prone to cyberattacks) but are they keeping pace with cybersecurity developments?
The issue was first brought up when potential
Another pharmacy is sued for using phone reminders.
A customer brought a class action against Rite Aid for negligent and willful violations of the Telephone Consumer Protection Act (TCPA), in connection with a prerecorded, automated call made to his cell phone alerting him to the availability of flu shots at Rite Aid pharmacies. The court held that flu shot reminders fall within the
OCR increases HIPAA audits
Last year the Office of Civil Rights (OCR) entered into 12 settlements with covered entities and its business associates (total amount in fines $23.51 mil. – more than a triple increase from 2015). It also issued several new guidance documents, launched a new HIPAA audit program, and announced that it will be investigating smaller breaches
When was the last time you trained your workforce on HIPAA? Penalties for non-compliance have increased.
You are probably wondering: HIPAA again? Yes, again and every year! Every January I re-train my clients on the HIPAA requirements, revise policies and procedures, and make sure we have no unnecessary exposures. The HHS recommends that you train your workforce yearly because human memory fades, you might have hired new people, revised your policies
Super Brief Overview of Privacy Law
Privacy laws surround almost every transaction, especially in the context of healthcare.
So what is privacy law?
It can be divided by industry. For example,
-
Communication Privacy Law (TCPA, CAN-SPAM, Do Not Call List)
-
Financial Privacy Laws (FCRA)
-
Health Privacy Laws (HIPAA)
-
Online Privacy Laws (COPPA, CalOPPA)
How do we practice good privacy?
– by