Prison Time for Privacy Breach of PHI; OCR Breach List Continues to Grow; More Training Needed

Health Data Management  reported in its April 29, 2010, online HDM Daily that “[a] former researcher at the UCLA School of Medicine has been sentenced to four months in federal prison for violations of the HIPAA privacy rule.”  You may access and read the article by Joseph Goedert,  “Prison for HIPAA Privacy Violater“.

On the same day, April 29, the Office for Civil Rights (OCR) of the Department of Health and Human Services (HHS) reported on its Web site 67 entities reporting “Breaches Affecting 500 or More Individuals” over the period September 22, 2009 to March 19, 2010.  That is up from the 36 that OCR listed on its initial posting of the list on February 23, 2010.  The current list is available on the OCR Web site.

Clearly, more “awareness and understanding” training on security safeguards and privacy controls regarding use and disclosure of protected health information (PHI) is necessary.  Such training is required under the HIPAA Privacy and Security Rules and includes training regarding the new HITECH Act Breach Notification Rule requirements.

HIPAA.com will have announcements about such training in May, offerred through HIPAA School.  You may register on the hipaa.com site for email notification of further details about HIPAA School training, and for postings provided on hipaa.com.  (20100429)

Leave a Reply

Your email address will not be published. Required fields are marked *