Dexcomm Blog

HIPAA Case Study: Nurse Discloses PHI for Personal Gain

June 26, 2012

 

A licensed practical nurse (LPN) plead guilty to wrongfully disclosing a patients health information for personal gain. The woman faces a maximum of ten (10) years imprisonment, a $250,000 fine or both. Having shared the patient's information with her husband, the husband contacted the patient and told the patient that he was going to use the information against him in an upcoming legal proceeding. Click here to read the full story.

 

Protect your medical office and patients by conducting a HIPAA Risk Analysis and having a HIPAA Policy. The Security Management Process standard in the Security Rule requires organizations to implement policies and procedures to prevent, detect, contain, and correct security violations. (45 C.F.R. § 164.308(a)(1).) Risk analysis is one of four required implementation specifications that provide instructions to implement the Security Management Process standard. Section 164.308(a)(1)(ii)(A) states:

RISK ANALYSIS (Required). Conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information held by the [organization].

 

Click here for more on conducting a HIPAA Risk Analysis

 

 


Dexcomm is a Louisiana-based corporation that provides answering services to businesses and service agencies across the United States. We have been open since 1954, employ a staff of roughly 50 people, and our average client retention rate is 10+ years.

Connect With Us:

Twitter

Facebook

LinkedIn


 

Read More About The Author: Dexcomm