HIPAA requires the Department of Health and Human Services (HHS) to adopt national standards for electronic health care transactions and national identifiers for providers, health plans, and employers. Learn more about HIPAA legal matters, including privacy breaches and keeping medical records confidential.

Sarasota Sheriff Wants Patients to Waive HIPAA Privacy Rights

By Danielle M. Murray, J.D.

Law enforcement has been working hard to bust pill mills and stop prescription drug abuse. Pharmacists and pain management doctors are under intense scrutiny by various law enforcement agencies, including the Drug Enforcement Administration (DEA) and the Department of Health (DOH), for their role in giving out controlled substances.

“Doctor shopping” is a common phrase used to describe patients who see multiple doctors in a short period of time in an attempt to dupe doctors into giving them prescriptions for controlled substances. Doctors have been hampered somewhat by HIPAA privacy laws and have been unable to report suspicious patients to law enforcement […]

Ex-Hospital Employee Admits to Stealing and Selling Confidential Patient Information

By Lance O. Leider, J.D., and George F. Indest III, J.D., M.P.A., LL.M., Board Certified by The Florida Bar in Health Law

On October 22, 2012, a former Florida Hospital employee admitted to stealing patient information that was used to target customers for lawyers and chiropractors, according to a number of sources. The man allegedly pleaded guilty in Orlando federal court to one count of conspiracy and one count of wrongful disclosure of health information, according to the Department of Justice (DOJ). By accessing this information the man violated criminal provisions of the Health Insurance Portability and Accountability Act (HIPAA).

To read a press […]

Nationwide Telephone Scam: Phony DEA Agents Extorting Money from Victims

4 Indest-2009-3By George F. Indest III, J.D., M.P.A., LL.M., Board Certified by The Florida Bar in Health Law

The Drug Enforcement Administration (DEA) is warning the public to be aware of a prescription drug scam. This telephone scheme is extorting money from people all over the country. On November 28, 2012, the DEA released a press release explaining the details of the scam.

Do Not Wire Money to Phony DEA Agents.

The scam starts with criminals posing as DEA agents calling victims by telephone. Frequently the victims will have recently purchased prescription drugs over the internet or by phone. The imposters tell the victims that purchasing the drugs in […]

Health Care Professionals Take Note of the New HIPAA Rules

Patricia's Photos 013By George F. Indest III, J.D., M.P.A., LL.M., Board Certified by The Florida Bar in Health Law, and Lance O. Leider, J.D., The Health Law Firm

With the popularity of electronic health records (EHRs), social media and everything in between, the U.S. Department of Health and Human Services (HHS) has released stronger rules and protections governing patient privacy. On January 17, 2013, the HHS announced the omnibus rule to strengthen the privacy and security protection established under the Health Insurance Portability and Accountability Act (HIPAA) of 1996.

Click here to read the entire 563-page rule.

Now, I can’t say that I’ve read […]

Florida Man Sentenced to Prison for Role in Florida Hospital Data Theft

Lance Leider headshotBy Lance O. Leider, J.D., The Health Law Firm

A Davenport, Florida, man was sentenced to four years in prison for paying off two Florida Hospital employees to illegally access patient records, according to the Department of Justice (DOJ). A judge sentenced Sergie Kusyakov on April 10, 2013. He was charged with conspiracy and wrongful disclosure of individual identifiable health information.

Click here to read the press release from the DOJ.

Ex-Employees Sold Patient Information to a Co-Conspirator.

Mr. Kusyakov’s sentence stems from a privacy breach at Florida Hospital back in October 2011. The breach involved thousands of patient records that were illegally accessed between 2009 and 2011. Apparently Mr. Kusyakov was […]

Affinity Health Plan Settles with Government in Photocopier HIPAA Breach Incident Involving Patient Medical Information

8 Indest-2008-5By George F. Indest III, J.D., M.P.A., LL.M., Board Certified by The Florida Bar in Health Law

The U.S. Department of Health and Humans Services (HHS) Office of Civil Rights (OCR), and Affinity Health Plan, Inc. (Affinity), reached a settlement for more than $1.2 million for potential violations of the Health Insurance Portability and Accountability Act (HIPAA). The alleged violations related to a photocopier previously leased by Affinity. The photocopier had an internal hard drive which stored copies of documents, including medical records, which had been photocopied by Afinity. The photocopier was returned to the leasing company and then later purchased from that same company by CBS Evening News. Apparently CBS […]

Two Laptops Containing Information of 729,000 Patients Stolen from California Hospital Group

6 Indest-2008-3By George F. Indest III, J.D., M.P.A., LL.M., Board Certified by The Florida Bar in Health Law

The personal health information of around 729,000 patients has been compromised following the theft of two laptops. The password-protected computers were taken from an administration building of AHMC Healthcare Inc., a hospital group in Alhambra, California. According to the Los Angeles Times, the laptops contain data from patients treated at six different AHMC Healthcare hospitals. Surveillance video shows that the theft occurred on October 12, 2013, but hospital officials did not discover the laptops were missing until two days later.

To read the article from the Los Angeles Times, click here.

Laptops Contain […]

By |2024-03-14T10:00:52-04:00June 1, 2018|HIPAA, Hitech Act, The Health Law Firm Blog|

Dermatology Practice Settles with Government After Stolen USB Drive Results in HIPAA Breach

10 Indest-2008-7By George F. Indest III, J.D., M.P.A., LL.M., Board Certified by The Florida Bar in Health Law

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR), and Adult & Pediatric Dermatology (APDerm), reached a $150,000 settlement for privacy and security violations of the Health Insurance Portability and Accountability Act (HIPAA). The alleged violations related to an unencrypted USB drive that was stolen. The thumb drive contained the protected health information (PHI) of around 2,200 patients, according to a press release posted December 26, 2013, on the HHS website.

According to the HHS, this is the first settlement with a covered entity for not having policies and procedures […]

By |2024-03-14T10:00:54-04:00June 1, 2018|HIPAA, Hitech Act, The Health Law Firm Blog|

Are You Ready for HIPAA and HITECH Audits?

The Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) is launching a pilot program this month to make sure covered entities are in compliance with HIPAA privacy and security rules and breach notification standards, according to the OCR. The OCR will perform up to 150 audits to assess HIPAA compliance.

The HITECH Act requires HHS to perform periodic audits to check for HIPAA compliance. The audits will be conducted from November 2011 through December 2012. Initially these audits will likely focus on hospitals and insurance companies, but HMEs could also be a target.

Though early audits are likely to be educational, in order to get a […]

Data Breach at Colorado Hospital Highlights IT Security Risks

Lance Leider headshotBy Lance O. Leider, J.D., The Health Law Firm

A small rural hospital in Glenwood Springs, Colorado, has identified a virus on its computer network that had captured and stored screen shots of protected health information in a hidden file system. The hidden folder was created on Sept. 23, 2013, but was not discovered until Jan. 23, 2014. The breach identified at least 5,400 individual patients whose information was compromised.

According to Healthcare IT News, among the stolen data was patient names, addresses, dates of birth, telephone numbers, Social Security numbers, credit card information, and admission and discharge dates.

Hospital officials have been unable to determine how the virus was loaded onto […]

Go to Top