[privacy] Operator of 12 Hospitals Informs of Lost Data

["Fergie" <fergdawg () netzero net>]

Via MSNBC (AP).

[snip]

The operator of 12 hospitals in Indiana and Illinois is notifying more
than a quarter-million patients that compact discs containing their
Social Security numbers and other personal information were lost for
three days over the summer.

However, officials said they do not believe any of the 260,000
patients’ information was improperly accessed.

The Sisters of St. Francis Health Services, which operates 10 hospitals
in Indiana and two in Illinois, said in the warning letter that an
employee of a medical billing contractor copied the data onto several
CDs in July and placed them in a new computer bag to work from home.

[snip]

More:
http://www.msnbc.msn.com/id/15403873/

Again, what effect has HIPAA had on these sorts of data losses and
disclsoures. Absolutely none.

> From yesterday:

[snip]

None of the institutions involved in these incidents has been fined
under the highly touted medical privacy law, known as HIPAA (Health
Insurance Portability and Accountability Act).

In fact, there have been 22,664 HIPAA privacy-related complaints filed
since the privacy rule took effect in 2004, and not a single
institution has been fined for privacy lapses, according to the
Department of Health and Human Services, which enforces HIPPA. It's not
clear that any of the three incidents above generated HIPAA privacy
complaints, so the total number of privacy-related incidents is no
doubt higher.

[snip]

More:
http://redtape.msnbc.com/2006/10/two_years_ago_w.html

HIPAA is a bad joke.

- ferg

--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/

_______________________________________________
privacy mailing list
privacy () whitestar linuxbox org
http://www.whitestar.linuxbox.org/mailman/listinfo/privacy