Search Results : InformationWeek » PHIprivacy.net

Oct 082014
 

Alison Diana reports:

To combat “doctor shopping,” “pill mills,” and addiction to medications such as pain and anti-anxiety pills, many states have created databases that track the doctors who prescribe and patients who take these medications. Used by pharmacies and practices to ensure consumers aren’t seeing multiple physicians to get controlled substances, these databases also have become a tool for law enforcement — and at least one medical board’s investigative arm.

But could investigators’ access to these records, which also include non-controlled medications, jeopardize patient privacy, especially when data segues from deidentified to clearly identified information and patients are called upon to hand over their complete medical records as part of an investigation? How are patients affected? And could the evolving new healthcare model — which demands more synergies between clinicians and consumers — be damaged if doctors cannot openly discuss topics such as weight?

California’s Supreme Court is expected to address these questions when it hears the case of Dr. Alwin Carl Lewis v. the Superior Court and Medical Board of California in 2015.

Read more on InformationWeek.

Jul 292014
 

Alison Diana reports:

When a doctor treating a North Carolina nursing home patient asked a nurse to text the resident’s lab results, only the two authorized medical professionals saw the message — but the residential facility ended up paying a high price for using this inherently insecure messaging medium.

The Centers for Medicare & Medicaid Services (CMS) gave the unnamed skilled nursing facility an “e-level deficiency,” meaning there was “no actual harm but potential for more than minimal harm,” according to a blog by law firm Poyner SpruillAs a result, CMS imposed a 10-point Directed Plan of Correction (DPOC) to be implemented within 15 days….

Read more on InformationWeek.

May 142014
 

Alison Diana reports:

With the mandated adoption of electronic health records (EHRs), many healthcare professionals for the first time got centralized access to patient records. Now they’re figuring out how to use all this information. Although the healthcare industry has been slow to delve into big data, that might be about to change. At stake: not only money saved from more efficient use of information, but also new research and treatments — and that’s just the beginning.

For instance, data from wireless, wearable devices such as FitBits is expected to eventually flood providers and insurers; by 2019, spending on wearables-data collection will reach $52 million, according to ABI Research. Another source of health data waiting to be analyzed: social media. Monitoring what people post can help fight insurance fraud and improve customer service.

Read more on InformationWeek.

Nov 252013
 

Ross Anderson writes:

Your medical records are now officially on sale. American drug companies now learn that MedRed BT Health Cloud will provide public access to 50 million de-identified patient records from UK.

David Cameron announced in 2011 that every NHS patient would be a research patient, with their records opened up to private healthcare firms. He promised that our records would be anonymised and we’d have a right to opt out. I pointed out that anonymisation doesn’t work very well (as did the Royal Society) but the Information Commissioner predictably went along with the charade (and lobbyists are busy fixing up the new data protection regulation in Brussels to leave huge loopholes for health service management and research). The government duly started to compel the upload of GP data, to join the hospital data it already has. During the launch of a medical confidentiality campaign the health secretary promised to respect existing opt-outs but has now reneged on his promise.

Read more on Light Blue Touchpaper, but before getting too worked up, do read the comments under the post.

Sep 202012
 

Michelle McNickle reports:

The recent data breach at Massachusetts Eye and Ear Infirmary (MEEI) and Massachusetts Eye and Ear Associates once again screams the message: Encryption, encryption, encryption!The provider has agreed to pay a $1.5 million fine to theDepartment of Health and Human Services (HHS), after allegations were made that Mass. Eye and Ear failed to comply with certain requirements of the Health Insurance Portability and Accountability Act (HIPAA) standards that govern the security of individually identifiable health information.

Read more on InformationWeek.