Editor's Corner
The jury is still out on just how serious a problem online ID theft is, but the picture is getting a bit more clear--and scary--when it comes to your company's liability if it does allow sensitive patient info to be stolen. An interesting piece by attorney and former federal prosecutor Howard Goldstein in the equally scary sounding Business Crimes Bulletin makes it all too clear. "As we are reminded from time to time, it is not entirely safe to entrust confidential personal information to others," Goldstein writes. "Just such a reminder occurred in late May 2006, when the U.S. Department of Veterans Affairs disclosed that the confidential personal information of about 26.5 million people, including their Social Security numbers, had been stolen when a Virginia analyst took data home and his home was burglarized." He cites the non-profit Privacy Rights Clearinghouse which says that theft brought the number of identities compromised since 2005 to over 80 million. And surprise, surprise it appears ID theft is a growing concern nearly everywhere.
The Health Insurance Portability and Accountability Act (HIPAA) imposes obligations on health care providers to safeguard personal information, he notes. A person who knowingly obtains or discloses confidential health information about a patient is subject to fines and imprisonment. Wrongful disclosure of individually identifiable health information carries up to a year in prison and up to a $50,000 penalty. If the wrongful disclosure is under false pretenses, the maximum term rises to 5 years, and the monetary penalty to $100,000. If the disclosure was with an intent to sell, transfer or use for commercial advantage, personal gain or to inflict malicious harm, the maximum sentence increases to 10 years, with a fine of up to $250,000.
Regardless how of scared you should be of HIPAA (see the Spotlight below), he says controversial pending federal legislation that would preempt state data-breach notification laws may change the legal framework--and change like that is usually scary for those who have to figure out how to comply. "Clearly, the legal landscape is in flux," he says with perhaps a bit of understatement. Find some way out of the flux here or join our debate on the problem of patient ID theft here. - Michael
SHARE WITH:
Home
| Subscribe | Advertise | Mobile Edition | RSS |
Privacy
| Site Map | List in Marketplace | Supplier MarketplaceTHE FIERCEMARKETS NETWORKFierceFinance | FierceFinanceIT | FierceComplianceIT | FierceHealthcare | FierceHealthFinance | FierceHealthIT | Hospital Impact | FierceMobileHealthcare | FierceCIO | FierceCIO:TechWatch | FierceContentManagement | FierceMobileIT | FierceGovernmentIT | FierceBiotech | FierceBiotech Research | FiercePharma | FierceVaccines | FierceBiotechIT | FiercePharma Manufacturing | FierceIPTV | FierceOnlineVideo | FierceTelecom | FierceVoIP | FierceBroadbandWireless | FierceDeveloper | FierceMobileContent | FierceWireless | FierceWireless:Europe | FierceCable© 2010 FierceMarkets. All rights reserved. |
 |