MGH HIPAA violation case
Jennifer Brummage Medical Law and Ethics
In the health care business, there are certain standards and laws that have been put in place to protect our patients and their personal health information. When a health care facility fails to protect their patient’s confidential information, the US Government may get involved and facilities may be forced to pay huge sums of money in fines, and risk damaging their reputation.
The Health Insurance Portability and Accountability Act (HIPAA) was established in 1996. This Act was put into place in order to improve the efficiency and effectiveness of the health care system. The HIPAA law includes a Privacy rule and a Security Rule. Hospitals, Doctors, and employees in the medical field are expected to adopt the national standards and aim to keep patient information confidential. When a hospital or medical employee fails to meet the standards set, lawsuits can ensue and they can be fined large sums of money relating to the incident.
The Privacy Rule establishes national standards to protect individual’s medical records and other personal health information and applies to health plans, health care clearinghouses, and those health care providers that conduct certain health care transactions electronically. The Privacy rule requires appropriate safeguards to protect personal health information. The rule also gives patients’ rights over their health information, including rights to examine and obtain a copy of their health records.
The Security protects individual’s electronic personal health information that is created, received, used or maintained by a covered entity. The Security rule requires appropriate administrative, physical and technical safeguards to ensure the confidentiality, integrity, and security of electronic protected health information.
The Office for Civil rights (OCR) is responsible for enforcing the HIPAA
References: * FierceHealthcare.com, HIPAA violations. Feb 25 2011 (54198) * HHS.gov. News Release MGH HIPAA violation. Feb 24 2011 * US Department of Health and Human Services. HIPAA Law, July 19, 2011 * Zigmond J, Modern Healthcare, ISSN: 0160-7480, 2011 Feb 28; Vol. 41 (9), pp. 13 * http://www.hhs.gov/ocr/privacy/hipaa/understanding/index.html