http://www.clinical-innovation.com/topics/policy/shasta-regional-slapped-275k-hipaa-fine
By Laura Pedulli
Clinical Innovation + Technology
June 18, 2013
Shasta Regional Medical Center (SRMC) agreed to pay $275,000 and undertake a
corrective action plan after a Department of Health and Human Services (HHS)
Office for Civil Rights (OCR) investigation uncovered HIPAA violations stemming
from unauthorized disclosure of a patient’s personal health information.
The HHS notified the center of a compliance review on Jan. 6, 2012--two days
after a Los Angeles Times article indicated that SRMC senior leaders met with
the media to discuss the medical services provided to a patient without valid
written authorization, according to the resolution agreement.
The leaders had met with media to respond to allegations of Medicare fraud in a
California Watch story, which had cited the SRMC’s high billing rate for
kwashiorkor, which is a form of malnutrition. In that story, the patient had
denied receiving treatment for kwashiorkor, and the leaders sought to explain
the billing by disclosing the patient’s health record, according to a Jan. 18,
2013 California Watch article on the investigation.
On three separate occasions, SRMC disclosed the patient's information,
according to the agreement. In two cases, the leaders shared with media the
patients’ medical treatment and lab results without written authorization from
the patient. SRMC also sent an email to its entire workforce of approximately
785 to 900 individuals, explaining the patient’s medical condition, diagnosis
and treatment.
[...]
_______________________________________________
ISN mailing list
[email protected]
http://lists.infosecnews.org/mailman/listinfo/isn_lists.infosecnews.org
