HIPAA Violations
Are you in the healthcare industry? If you are, then HIPAA is an important part of your everyday life.
Training your team on HIPAA best practices, maintaining compliance, and making sure you avoid violations and fines for your hospital is an important part of the job.
Sometimes you may feel like, “what’s the point of all this HIPAA compliance?” or “What is HIPAA training for?” The legislation and compliance measures loom over everyone’s heads every day. It’s easy to treat it as some far-off “boogeyman” that you’ll never see in your life.
That belief is far from the truth. The truth is that HIPAA impacts healthcare workers throughout the country daily. It’s easy to lose sight of that if your workplace maintains compliance.
That’s why we thought it’d be a good idea to go over some current news stories regarding HIPAA. It will add to your HIPAA training. It will give you a chance to see that HIPAA violations are real and they do happen.
Table of Contents
Hacking Healthcare
North Country Healthcare is the subject of a recent HIPAA violation. North Country uses a third-party vendor to handle its patients’ information. The company responsible is Capturer. They manage North Country patients’ EHRs and personally identifiable information.
CaptureRX reported a breach in their system. The breach was responsible for the release of several patients’ personal information. On February 6, 2021, CaptureRX was alerted to suspicious activity involving their patients’ records.
CaptureRX confirmed that hackers were able to access EHRs within their system improperly. North Country Healthcare is now aware of the news. CaptureRX officially notified them in April 2021.
According to CaptureRX, the hackers gained access to patient first names, patient last names, dates of birth, prescription information, and medical record numbers. The company also notes that the security mishap responsible for the breach has been corrected.
After investigation, CaptureRX concludes that no misuse or improper distribution of the information has occurred. North Country is encouraging its patients to review their accounts to make sure nothing serious has taken place. North Country has also provided its patients with information on how to better protect their information and prevent identity theft.
Pandemic Probing
On July 14, the lieutenant governor of North Carolina, Mark Robinson, spoke out against federal COVID-19 protocols. Lieutenant governor Robinson posted on social media that employers and businesses asking questions about COVID-19 vaccinations violate HIPAA laws.
More specifically, Robinson takes issue with the federal government’s narrative promoting COVID-19 vaccines. This commotion comes in the wake of a new initiative that President Joe Biden is spearheading.
The White House’s goal was to have 70% of Americans vaccinated by July 4th. According to the most recent statistics, the Biden administration didn’t reach that goal. In response, President Biden is pledging to send COVID-19 vaccination advocates “door-to-door” in certain areas of the country.
Naturally, several leaders of the Republican party are meeting this initiative with opposition. One of these leaders is Lt. Governor Mark Robinson. The Lt. Governor is claiming that such an initiative is an invasion of Americans’ privacy.
To be clear, Robinson has no problem with people receiving the vaccine. He believes that every American should have a right to the COVID-19 vaccine if they so choose. Robinson’s problem lies with the methods President Biden and The White House are using to administer those vaccinations.
Robinson claims that showing up on people’s front doors and asking for private medical information like their vaccination status violates HIPAA legislation, calling the whole process “unacceptable and illegal.” Robinson went on to say that the decision to receive the vaccine should be left up to Americans’ own free will.
Is Lt. Governor Robinson Right?
Lt. Governor Robinson’s comments have people asking if they are, in fact, true. Does the White House’s initiative to poll Americans door-to-door about the vaccine violate HIPAA legislation?
The first important fact to note is that according to Jen Psaki, White House Press Secretary, the people who will be going door-to-door aren’t Federal government employees. They are members of the community.
All-in-all, experts believe that the White House’s plan doesn’t violate HIPAA protocols.
Clarifying the Law
When the Health Insurance Portability and Accountability Act came to be in 1996, it became law to govern how healthcare workers handle patient information. As such, experts are saying that community volunteers or government officials don’t fall under its jurisdiction. The CDC also says that the laws were made to prevent healthcare companies from disclosing patients’ personally identifiable information.
Staff from the White House and even from your local Mayor’s office can ask questions regarding your COVID-19 vaccination status.
Kirk Nahra, an attorney for D.C. law firm WilmerHale wrote about HIPAA and its effects on privacy just last month. In his writing, Nahra says that even where HIPAA is applicable, it doesn’t prevent a government official from asking Americans questions about their health or vaccination status.
Any individual volunteer or government employee can request health information from Americans. Unless they are a healthcare entity, with access to a patient’s electronic records, HIPAA privacy laws would not apply.
Republicans other than Robinson have been adamant that COVID-19 procedures have violated Americans’ rights and privacies on many fronts. This is another one of those claims. Only time will tell if Lt. Governor Robinson is right and if the White House gets to move forward with their plan.
HIPAA Gets Hip
In some more positive news, HIPAA is starting to become hip! A tech startup out of Chatanooga, TN, is pioneering the use of HIPAA-compliant text messaging technology.
Technology is changing the way communication takes place in all industries. Healthcare is no different. This is why this Chattanooga startup is working tirelessly to launch its software Text Request.
The software application will allow healthcare workers and medical professionals to text their patients regarding their health information. One of the most common uses of the software would be to remind patients about upcoming appointments.
The staff of the startup company says the technology is being pioneered for a reason. The tech team is noticing an increase in the demand for telehealth services since last year at the start of the COVID-19 pandemic.
The firm realized that great healthcare could still be provided without patients walking into a doctor or dentist’s office. The team is proud to say that their messaging service is compliant with HIPAA privacy laws.
Medical professionals can implement this tool in their business with packages ranging from $50-$500 per month.
HIPAA In Court
A U.S. Court of Appeals for the Fourth Circuit is claiming there is no constitutional right for a private course of action in response to an improper release of medical information.
Christopher Payne, an inmate at the Deep Meadow Correctional Facility, is receiving treatment from the prison’s medical staff. Payne claims that prison doctors stated his diagnosis loudly enough for other prison inmates to hear.
Payne alleges prison doctors of saying he hadn’t taken his HIV medication. Them saying he hadn’t taken it isn’t the problem. The problem Mr. Payne had was that he felt it was said loud enough for other prison inmates to hear.
Mr. Payne then moved forward with filing a lawsuit against the Deep Meadows Correctional Facility. He claims that his medical records should be confidential, and the prison violates HIPAA Violations & privacy, as well as the 14th amendment.
The Opinion of the Court
The Court of Appeals backed the district court’s decision to dismiss the case. Their reasoning didn’t really cite the incident itself. But rather, focused on the fact that HIPAA laws do not provide for a private course of action under the law. Essentially, Mr. Payne had no right to file a lawsuit for what happened according to HIPAA.
The Court admitted that its ruling does muddy the waters surrounding HIPAA privacy. However, the Court stated that there needs to be a “reasonable expectation of privacy” for the law to hold any ground.
The Court went on further to say that in Mr. Payne’s case there was no reasonable expectation. This is because he is being held in a public facility. His health condition also involves a communicable disease.
Helping Hands
The Pennsylvania-based company, Handsfree Health, is offering healthcare workers a new digital solution for HIPAA Violations
It’s called WellBe. It’s a digital healthcare assistant platform that is voice-enabled and HIPAA-compliant. This virtual health assistant provides an alternative telehealth option.
WellBe can add on to health plans for just pennies a month. Users can access the software through any smartphone or smart device.
Call It A Wrap
HIPAA Violations – That’s a wrap! We hope you were able to learn from these HIPAA news stories. HIPAA is very real. It’s out there even though it may not be a problem in your current hospital.
To know more about HIPPA compliance and courses visit HIPAA Exams. Aside from providing HIPAA compliance courses, HIPAA exams also provide other compliances courses on Healthcare Safety on BBP Training, and HR Training on Sexual Harassment.
