Karl Wabst's Library tagged records →  View Popular, Search in Google

Ultimately, your first line of defense rests with your doctor, though, says Peel. To thwart breaches, pepper your doctor with questions. How will my data be transmitted? Will it be encrypted? For assistance, you can also download a question form at Patientprivacyrights.org.

privacy security Breach Risk health records thieves

Do you know where your electronic health information is tonight?

Here's a reader challenge: I'll pay $10 to the first adult who has had at least five encounters with the private-sector healthcare system in the past 10 years to come up with a complete map of where all his or her electronic health records have traveled, who has seen them and where they are now.

healthcare records

Interesting: the three new breaches on HHS’s breach tool that I hadn’t heard about already all involved paper records. Here are the entries from their tool showing the name(s) of involved entities, the number of patients affected or notified, the date of the breach, and the type of breach:

paper records privacy breach

"The University of Iowa Hospitals and Clinics has fired a medical assistant for
allegedly violating patient privacy by reporting a colleague's suspected
patient-privacy violations."

university iowa hospitals records

"The Office of the National Coordinator has asked the public to comment about
privacy and security concerns associated with the use of electronic personal
health record systems and tools.

ONC also wants feedback on what consumers
expect when their health information is collected and used for personal health
records, according to an announcement Nov. 1.

ONC wants comments about these issues for a roundtable discussion on PHRs and
other emerging technologies it is convening in December.

PHRs will play an increasingly larger role as electronic health records and
meaningful use take root as methods to enable patients to access their medical
information and manage their health."

privacy health records roundtable

"Four Florida women have been indicted for their alleged participation in a
scheme to steal personal information about cancer patients and use it to obtain
fraudulent credit accounts.
In a somewhat similar recent

case

in Chicago, an identity theft
ring relied on a janitor to steal personal information from patient files at a
Chicago hospital, authorities say.
The indictment filed in U.S. District Court of the Southern District of
Florida alleges that Sharita Hubbard of Pompano Beach, Fla., stole personal
information from medical records while working in a series of four medical
records jobs at area healthcare organizations. It states that she gathered
information by copying the face sheets of patient records. These contained
patient names, dates of birth, Social Security numbers, Medicare numbers and
addresses."

privacy cancer records

"Commercial electronic health records are falling short in some areas to improve care coordination between patients and clinicians, according to a study by the Center for Studying Health System Change published online in the Journal of General Internal Medicine.

The article, "Are electronic medical records helpful for care coordination? Experiences of physician practices," was based on a total of 60 interviews—52 physicians and other staff at 26 small and medium-size physician practices with commercial ambulatory EHRs in place for at least two years; chief medical officers at four EHR vendors; and four national thought leaders active in health information technology implementation.

The research, supported by the Commonwealth Fund, found that commercial ambulatory care EHRs do facilitate care coordination within a practice by making information available at the point of care. However, they are less helpful for exchanging information across physician practices and care settings.

ehrs health care records

"THE CIA is to be given broad access to the bank records of millions of Britons under a European Union plan to fight terrorism.

The Brussels agreement, which will come into force in two months’ time, requires the 27 EU member states to grant requests for banking information made by the United States under its terrorist finance tracking programme.

In a little noticed information note released last week, the EU said it had agreed that Europeans would be compelled to release the information to the CIA “as a matter of urgency”. The records will be kept in a US database for five years before being deleted.

Critics say the system is “lopsided” because there is no reciprocal arrangement under which the UK authorities can easily access the bank accounts of US citizens in America."

Privacy CIA EU bank records

At 57 years old, Alton Simpson is a watchful eye in his quiet St. Bernard neighborhood.
Video: Watch the Story

For more than three decades, he also helped watch over New Orleans public schools as a maintenance worker. That is, up until Hurricane Katrina.

"We weren't laid off, and we never were notified on what happened with us,” Simpson said. “We tried to get answers but they just let everyone go."

Simpson said after he was forced to retire, he assumed his personnel records would be let go too.

"Well, you would think it would all be discarded, shredded," he said.

But his social security number was one of dozens, if not hundreds, that Eyewitness News discovered inside an old New Orleans public school warehouse, a facility seemingly untouched since the storm.

Privacy SSN New Orleans abandoned records

LOS ANGELES—Fifteen hospital workers have been fired and another eight disciplined for looking at medical records of octuplet mother Nadya Suleman without permission, hospital officials said Monday.

Kaiser Permanente reported the violations of health care privacy laws to the state and has warned employees at its Bellflower facility to keep away from Suleman's records unless they have a medical purpose, said hospital spokesman Jim Anderson.

"Despite the notoriety of this case, to us this person is a patient who deserves the privacy that all our patients get," Anderson told The Associated Press.

Anderson would not elaborate on how the other eight employees were reprimanded, saying only that the punishments were significant.

A similar privacy breach at UCLA hospitals led to celebrities' medical information getting leaked to tabloids in recent years, including details of Farrah Fawcett's cancer treatment showing up in the National Enquirer.

Anderson said Kaiser does not believe any of Suleman's information was shared with the media, based on the results of their inquiry.

The 33-year-old single mother of 14 gave birth to her octuplets on Jan. 26 at Kaiser's hospital in Bellflower, about 17 miles southeast of Los Angeles.

Her attorney Jeff Czech said Suleman does not plan to file a lawsuit, though he suspects Kaiser employees were looking for medical information on Suleman's sperm donor. He said the name is not listed on the
Advertisement
medical records.

"She trusts Kaiser and they said they'd look into it," Czech said. "We feel that they're on top of it and are taking care of it."

Anderson could not provide details about when Suleman's medical records were accessed and by what kind of hospital employee. He said Kaiser had warned its employees about patient confidentiality rules before Suleman checked into the hospital in December.

"Even though no one knew she was there, they knew she was going to have a lot of babies," Anderson said. "The extra monitoring helped determine that there were people who looked a

Privacy Health Care Records

Paperwork containing the personal medical information of at least 66 patients at Massachusetts General Hospital was lost this month when an employee apparently left it on an MBTA train.

The hospital sent out letters last week to patients whose identities were included in the lost paperwork, telling them the information listed their names and dates of birth, and private medical information, including their diagnoses and the name of the provider with whom they met. The material constituted billing records for patients who attended the hospital's Infectious Disease Associates outpatient practice on Fruit Street on March 4.

Deborah A. Adair, the hospital's privacy officer and director of health information services, said in a statement released yesterday that while the incident was regrettable, the hospital followed privacy laws by immediately alerting affected patients and authorities, including the state attorney general's office and the Department of Consumer Affairs and Business Regulation.

"[Hospital] police and security are thoroughly investigating this matter not only with an eye toward recovering the missing information but also toward making sure that this will not happen again," Adair said. "Our information privacy and security policies and procedures are among the strongest in the healthcare industry, but incidents such as this remind us that we must continue to review and revise them, as well as continue to educate our staff on best practices to avoid incidents such as this."

According to hospital security reports, a manager in the infectious disease center's billing unit told supervisors that she left the paperwork on a Red Line train the morning of March 9. The manager said she had brought the paperwork home with her to work over the weekend and left the material sometime between 7:30 and 9 a.m. The Transit Police were notified, but the paperwork was not found.

Privacy Medical Records Loss

Patients’ advocates claimed victory in a battle over the privacy of health records as the U.S. Congress approved the economic stimulus bill, which contains $19 billion for health-care information.

U.S. House and Senate negotiators’ compromise reflects stricter standards that privacy advocates wanted for marketing, selling and disclosing health data. Both houses approved the $787 billion stimulus plan today and sent it to President Barack Obama for his signature.

The legislation contains $2 billion in grants to create a national system of computerized health records and $17 billion in higher Medicare and Medicaid reimbursements for doctors and hospitals to adopt the technology. Electronic records will improve care and reduce costs, Obama said. The legislation also will boost the health-records industry, led by Allscripts-Misys Healthcare Solutions Inc., Quality Systems Inc. and Athenahealth Inc.

“We’ve dramatically improved on the status-quo, wholly unregulated system where private patient data was bought and sold like any commodity,” Caroline Fredrickson, director of the American Civil Liberties Union’s Washington legislative office, said in an interview today.

Privacy Stimulus Congress Obama Patient Data ACLU electronic healthcare records

Bring up the subject of digitizing medical records and you're likely to get a paradox of a discussion. Everyone thinks it will help save money and improve health care, and everyone has grave reservations.

Get ready to hear more as a massive economic stimulus bill works its way through Congress, which includes IT health care spending measures. Although lawmakers are close to pulling the trigger. ensuring the privacy of patients' electronic health records (EHR) remains a top concern.

"I very firmly believe that the Achilles heel of health IT is privacy," said Sen. Jim Whitehouse, a Rhode Island Democrat who chaired a hearing this morning examining the appropriate safeguards government should insist on before it doles out billions of dollars to help providers computerize patients' records.

Champions of health IT argue that EHRs and interoperable systems to integrate data among providers would drive down healthcare costs while greatly reducing medical errors. Just 17 percent of physicians currently have even basic EHRs. The Center for Disease Control has estimated that as many as 98,000 preventable deaths occur in U.S. hospitals each year, many of which could presumably been avoided with more accessible patient data.

"If 100,000 Americans were being killed by anything else, we'd be at war," Whitehouse said.

Privacy Security Risk Health Care Electronic Records

U.S. lawmakers need to make sure privacy safeguards are in place before pushing electronic health records (EHR) on the public, senators and witnesses said at a Senate Judiciary Committee hearing today.

Health IT improvements are needed to improve the quality and efficiency of health care in the U.S., but patients might be wary of electronic health records without strong privacy safeguards built in, Sen. Patrick Leahy (D-Vt.) said.

"If you don't have adequate safeguards to protect privacy, many Americans aren't going to seek medical treatment," Leahy said. "Health care providers who think there's a privacy risk ... are going to see that as inconsistent with their professional obligations, and they won't want to participate."

An $825 billion economic stimulus package, called the American Recovery and Reinvestment Act, includes $20 billion targeted toward health IT efforts. The bill, which could come before the full House for a vote this week, establishes an Office of the National Coordinator for Health Information Technology, which will be responsible for driving health IT standards.

Privacy Data Electronic Health Records (EHR)

Data breaches are running at record levels, according to the San Diego-based Identity Theft Resource Center, a non-profit that tracks cybercrime. ITRC says it recorded 342 data breaches from Jan. 1 through June 24, up 69% from the same period in 2007. But, like the origins and perpetrators of so many individual data breaches, mystery also lies behind the aggregated numbers.

“I’m not sure that this says breaches are increasing,” ITRC founder Linda Foley tells Digital Transactions News. “What we know is the reporting of breaches is increasing.” A handful of states now require some disclosure of data breaches to authorities, Alaska being the most recent. And some companies that have been hacked are starting to report breaches voluntarily, Foley says.

While data breaches can compromise all manner of personal and business records, they often involve credit and debit card data and bank-account information. ITRC lists five major categories of breached entities, with the so-called banking/credit/financial sector accounting for 10% of 2008’s breaches. Businesses, which include physical and Internet retailers, insurance companies and other private enterprises, accounted for 36.8%. Schools accounted for 21.3%; government and military facilities, 17%; and health-care facilities, 14.9%. IRTC also categorizes breaches by how they happened, such as through hackings—break-ins into computers and related systems, insider thefts, data lost in physical transit, and by other methods. The number of 2008 hackings through late June in the banking/credit/financial category was 10—double the five for all of 2007. The estimated number of records compromised as a result was 227,864. In 2007, the reported number of compromised records at financial institutions through hackings was 83,500. But Foley says not to put too much stock in the records numbers because so many breached organizations don’t know or fail to report the number of compromised records when they report a breach.

In the business category, the number of hacking-related brea

Privacy Security Breach Records ITRC

Privacy and civil liberties advocates are urging lawmakers working on the forthcoming economic stimulus package to ensure that any language to spur adoption of electronic medical records includes meaningful security safeguards.

The American Civil Liberties Union, Consumer Action, the National Association of Social Workers, Patient Privacy Rights and others sent letters to House Speaker Nancy Pelosi, Senate Majority Leader Harry Reid and President-elect Barack Obama Wednesday asking them to ensure individuals can control the use of their medical records and protect them from what they believe is a thriving industry of firms that share and sell medical data.

"We all want to innovate and improve health care, but without privacy our system will crash as any system with a persistent and chronic virus will," Patient Privacy Rights executive director Ashley Katz said at a Capitol Hill briefing.

Katz said her group has been pleased with progress that the House Energy and Commerce, and Ways and Means committees made last year.

Privacy HealthCare Medical Records Data

President-elect Barack Obama has promised to computerize all of America's medical records within five years. He made the pledge last week in a speech at George Mason University.

"This will cut waste, eliminate red tape and reduce the need to repeat expensive medical tests," he said. "But it just won't save billions of dollars and thousands of jobs, it will save lives by reducing the deadly but preventable medical errors that pervade our health care system."

But the road to digitized medical records will be a tough and expensive one, CNN Money reported.

Today, only about 8% of the country's 5,000 hospitals and 17% of its 800,000 physicians use electronic medical records.

There is also the issue of patient privacy. Numerous hospitals have faced security issues since moving to electronic medical records. The Industry Standard reported on a security breach at a Los Angeles hospital last month.

And then there is the cost.

Studies done by Harvard, RAND and the Commonwealth Fund peg the cost of the digitization plan between at least $75 billion to $100 billion, according to the CNN article.

However, the health care industry spends $2 trillion dollars a year, so the $100 billion may be well worth the long-term savings.

Privacy Obama Medical Records Electronic

Iowa governments would have greater authority to black out personal information from public records under proposals recommended by a legislative committee.

Advocates say the proposals would protect citizens from identity theft.

But opponents say the unintended results could be alarming, particularly if the public is unable to differentiate between, for example, a convicted sex offender and another citizen with the same name.

"The public has more to fear from government records containing information about them of which they are unaware than the release of information pertaining to them," said Bill Monroe, executive director of the Iowa Newspaper Association.
Advertisement

Lawmakers formed the Identity Theft Prevention Study Committee, which met in November, to consider how the release of personal information in Iowa could make residents vulnerable to identity theft.

Public concern heightened this year when privacy advocates complained about a land records site, IowaLandRecords.org. The Social Security numbers of thousands of Iowans from all 99 counties were listed on the site, including those of Gov. Chet Culver and Secretary of State Michael Mauro.

Privacy Government Records Identity Theft Iowa

If you think that any of the information in your cell phone is private, think again. It's not. The calling records on your cell phone have "no expectation of privacy," according to a court decision issued by a federal court...

Privacy Cellphone records expectation of privacy

Boxes with documents detailing confidential patient information, such as Social Security numbers and personal medical history, were found discarded next to a medical office building, which officials said could be a violation of patient confidentiality laws.

The documents, which were retrieved by a doctor about 90 minutes after they were discovered, could have exposed patients to identity theft and could be a violation of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), which governs patients' privacy laws and addresses procedures for discarding medical records.

Sheriff's officials were called about the discovery of the files at 5:04 p.m. on Nov. 26. The caller described boxes of private medical records that were found in a trash bin in the rear of a medical building at 24953 Paseo de Valencia. The documents included private information including Social Security numbers and patient medical histories, said Lt. Ted Boyne of the Orange County Sheriff's Department.

Privacy Medical Records