Recent news headlines featured executives from Facebook and Twitter addressin

 
Recent news headlines featured executives from Facebook and Twitter addressing individual privacy violations and data breaches. In the healthcare field, the right to privacy and consent to treatment is not new and actually dates back to the Hippocratic oath. However, on a recent visit to a physician’s office, do you recall the sign in process? Did you give your name and birth date orally to a clerk? Or did you sign a form and include your date of birth and/or other personal information on the sign-in sheet, for everyone to see? Could you see the names and personal information of people that signed in before you? These are examples of how your private information can be shared, accidentally, with others. Thus, client privacy and informed consent violations are not limited to companies such as Facebook and Twitter,  but to health and human services organizations as well.
Advances in technology and multiple service providers, for example, doctors, case managers, etc, have increased the potential of a data breach risk associated with the sharing of patient protected health information (PHI). The Department of Health and Human Services, Office of Civil Rights (OCR) is responsible for oversight and enforcement of HIPAA regulations. Every year OCR regulators sanction and penalize healthcare organizations for violating patient privacy.
What are the most common types of data breaches?  Examples of accidental disclosure of patients’ protected health information (PHI) could be mailing out flyers with PHI, unauthorized access to PHI via an employee email, discussing PHI in the hallway, hacking of computer systems, loss of laptops containing patient information, or medical records found in dumpsters.  The purpose of this assignment is to understand, recognize, analyze, and evaluate PHI laws and data breach cases and their risk implications for local healthcare organizations. The fines and penalties are not limited to the organization, but as you will see in this assignment, can be assessed against employees of the organization such as case managers, social workers, nurses, counselors, etc.