[ISN] Shasta Regional slapped with $275K HIPAA fine

http://www.clinical-innovation.com/topics/policy/shasta-regional-slapped-275k-hipaa-fine By Laura Pedulli Clinical Innovation + Technology June 18, 2013 Shasta Regional Medical Center (SRMC) agreed to pay $275,000 and undertake a corrective action plan after a Department of Health and Human Services (HHS) Office for Civil Rights (OCR) investigation uncovered HIPAA violations stemming from unauthorized disclosure of a patient’s personal health information. The HHS notified the center of a compliance review on Jan. 6, 2012–two days after a Los Angeles Times article indicated that SRMC senior leaders met with the media to discuss the medical services provided to a patient without valid written authorization, according to the resolution agreement. The leaders had met with media to respond to allegations of Medicare fraud in a California Watch story, which had cited the SRMC’s high billing rate for kwashiorkor, which is a form of malnutrition. In that story, the patient had denied receiving treatment for kwashiorkor, and the leaders sought to explain the billing by disclosing the patient’s health record, according to a Jan. 18, 2013 California Watch article on the investigation. On three separate occasions, SRMC disclosed the patient’s information, according to the agreement. In two cases, the leaders shared with media the patients’ medical treatment and lab results without written authorization from the patient. SRMC also sent an email to its entire workforce of approximately 785 to 900 individuals, explaining the patient’s medical condition, diagnosis and treatment. […] _______________________________________________ ISN mailing list ISN@lists.infosecnews.org http://lists.infosecnews.org/mailman/listinfo/isn_lists.infosecnews.org




Facebooktwittergoogle_plusredditpinterestlinkedinmail