Blog – HIPAA & Health Information Technology

https://hipaahealthlaw.foxrothschild.com/

Bill is the editor and a contributor to Fox Rothschild's HIPAA & Health Information Technology blog, providing information regarding cutting-edge legal and practical developments that health care providers and businesses must consider with regard to the handling and sharing of health information, including through the use of electronic health records.

Recent Blog Posts

  • When Data is Like Toothpaste In 1973, President Richard Nixon’s Chief of Staff H.R. Haldeman warned White House Counsel John Dean against talking to prosecutors investigating the growing Watergate scandal, telling him “Once the toothpaste is out of the tube, it’s going to be very hard to get it back in,” and a useful idiom was born. Personal electronic data, including protected health information, once disclosed, can be equally difficult to recapture and contain. A recent article in Slate entitled You Can’t Clean Up a Data... More
  • Involuntary Commitment Laws and Privacy Restrictions In a recent New York Times op-ed piece entitled “How a Bad Law and a Big Mistake Drove My Mentally Ill Son Away,” the father of a young man involuntarily hospitalized under Florida’s Baker Act decries “privacy laws” for limiting his access to information about his son’s whereabouts and care.   If this account is accurate, it highlights the widespread confusion that surrounds  health care providers’ communication with family members. The article’s author, Norman Ornstein, describes a disturbing incident in which his... More
  • 21st Century Cure for a “Broken” Mental Health System Includes HIPAA Clarification U.S. Representative Tim Murphy (R-PA) has been a vocal advocate for mental health reform for a number of years.  Part of his crusade is driven by his concern that the HIPAA privacy rule “routinely interferes with the timely and continuous flow of health information between health care providers, patients, and families, thereby impeding patient care, and in some cases, public safety.”  Congressman Murphy’s efforts have resulted in the inclusion in the recently-passed 21st Century Cures Act of a provision entitled... More
  • Bubble Guppies and PHI: Tips for Telecommuting Policies Federal enforcement agencies are increasingly focusing on HIPAA breaches which involve mishandling of PHI by telecommuters.  Two recent cases illustrate the liability exposure resulting from inadequate oversight of staff working remotely. Medical equipment supplier Lincare was fined $239,800 as a result of a breach which occurred when an employee left unprotected PHI in a car in the possession of her estranged husband.  An Administrative Law Judge upheld the penalty, noting that Lincare did not have policies in place requiring employees to... More
  • Is Your Facility a PokéStop? (A what?) Are strangers wandering around your health care facility with their noses buried in their smartphones? And if so, what should you do about it? They’re playing Pokémon GO, a location-based augmented reality mobile game that was released for iOS and Android devices on July 6, 2016. Its popularity exceeded all expectations (my kids are probably playing it right now). The game’s objective requires players to search in real-world locations for icons that appear on a GPS-like virtual map. The icons may... More
  • Health System Settles for $1.5 Million for Failing To Implement Business Associate Agreement Matthew Redding contributed to this post. It’s a familiar story: a HIPAA breach triggers an investigation which reveals systemic flaws in HIPAA compliance, resulting in a seven-figure settlement.  A stolen laptop, unencrypted data, a missing business associate agreement, and an aggressive, noncompliant contractor add to the feeling of déjà vu. North Memorial Health Care of Minnesota, a not-for-profit health care system, settled with the Office of Civil Rights for the Department of Health and Human Services (OCR) for $1.55 million resulting from... More
  • Firearms, Mental Health, Executive Orders and HIPAA: A Volatile Mix President Obama announced a series of Executive Orders on January 4, 2016 to address gun-related violence in America. Among those orders was an initiative to increase mental health reporting to the background check system. But this does not mean that mental health records will be widely released or that anyone who has sought treatment for mental illness will be banned from gun ownership.  It only means that information about individuals who are already prevented from owning guns under current law... More
  • A reader comments on that “Medical Hack” meme A thoughtful reader responded to our last post, Debunking a Viral “Medical Hack” Meme,  which advised health plan subscribers to cite certain HIPAA compliance issues in efforts to overturn unfavorable insurance coverage decisions. Jeff Knapp wrote: This meme just popped up in my Facebook news feed this morning, and I was happy to see you addressed it so quickly. I too immediately noticed several flaws. In addition to the ones you noted here, there is certainly no right under HIPAA for an... More
  • Debunking a Viral “Medical Hack” Meme Since the early days of HIPAA, a steady trickle of misinterpretations, misunderstandings and half-truths have circulated informally both within the medical community and among the general public.  The prevalence of social media only amplifies the effect. For example, a meme currently making the rounds on Facebook suggests using HIPAA as a strategy for convincing a health insurer to reverse a coverage denial decision.  The post, entitled “Medical Hack,” began appearing this month.  While containing some accurate information, the post contains... More
  • Did Practice Violate HIPAA By Tipping Off Immigration Authorities? A Houston-area woman was arrested at her gynecologist’s office by Sheriff’s deputies because she presented a false ID and now may face deportation, according to a September 11, 2015 report in the Houston Press.  The woman, Blanca Borrego, was reportedly visiting Northeast Women’s Healthcare for an annual check-up and to follow up on a painful abdominal cyst that had been identified a year earlier.   The Houston Press goes on to say that after filling out paperwork and waiting two... More