2 min read
Paubox Weekly: Online review response leads to costly HIPAA violation for healthcare provider
Dean Levitt June 08, 2023
Hello World!
Today’s Paubox Weekly is 493 words - a 2 minute read.
1. Online review response leads to costly HIPAA violation for healthcare provider
The Office for Civil Rights has reached a settlement with a New Jersey-based healthcare provider offering adult and child psychiatric services.
The settlement comes after Manasa Health Center was accused of impermissibly disclosing the protected health information of a patient in response to a negative online review.
What they're saying: OCR Director Melanie Fontes Rainer stated, "OCR continues to receive complaints about health care providers disclosing their patients' protected health information on social media or on the internet in response to negative reviews. Simply put, this is not allowed.
A $30,000 response to a bad review
Did you know?
You can earn $250 for every organization you send our way. Here's how.
2. Is online tracking HIPAA compliant?
Online tracking poses a serious risk to the privacy and security of protected health information.
What they're saying: The OCR's guidelines state, "Regulated entities are not permitted to use tracking technologies in a manner that would result in impermissible disclosures of PHI to tracking technology vendors or any other violations of the HIPAA Rules."
Best practices for implementing online tracking
3. Spike in Medicaid disenrollments affects hundreds of thousands of patients
In April, 5 states began disenrolling adults and children from Medicaid after the restriction on disenrolling was lifted, with potentially devastating impacts on patients and hospitals.
Why it matters: With patients shifting to other hospitals or simply going without care, hospitals may see a decrease in revenue, which could impact their ability to purchase new technology or improve their facilities.
The solution may lie in expanding care options
4. Is unecrypted email a HIPAA violation?
While the Security Rule doesn't explicitly require email to be encrypted, using unencrypted email to transmit protected health information can be a HIPAA violation.
The bottom line: Although encryption is not explicitly required, it is strongly encouraged to ensure HIPAA compliant email communication.
Encrypted email is a HIPAA best practice
5. National security and patient privacy collide in high-profile mistrial
A federal judge has declared a mistrial in the high-profile case of two Maryland doctors charged with conspiring to assist Russia by disclosing the health information of several patients.
What happened: The jury was deadlocked, with one juror believing that the defendants were entrapped by the government, leading to the mistrial.
Community links
- How to be HIPAA compliant without worrying about HIPAA compliance. Link
- The challenges of navigating portals for patients. Link
- How HIPAA applies to reproductive health information. Link
- Email marketing for therapists. Link
- What are the confidentiality rules in therapy? Link
- Is there a HIPAA certification? Link
Good reads from around the web
- California hospital staff call for halt of surgeries over bizarre particles. Link
- Japanese pharma giant Eisai discloses ransomware attack. Link
- IoT Security in Healthcare: Protecting Patient Data and Devices. Link
- A cure for nuclear radiation may be available soon. Link
- Premier Survey Reveals Key Insights on Workplace Violence Incidents in Healthcare. Link
Subscribe to Paubox Weekly
Every Friday we'll bring you the most important news from Paubox. Our aim is to make you smarter, faster.