• Home
• Topics
  • Federal Stimulus Funding
  • Business and Finance
  • Chronic Disease Care
  • Health Plans
  • Hospitals
  • EHRs and PHRs
  • Global Health
  • Physician Practices
  • Policy
  • ONC
  • Patient Safety
  • Telehealth
  • Tools and Devices
  • Privacy and Security
  • Public Health
  • Long-Term Care
  • Consumer Information
  • Data Standards
• Perspectives
  • Current Perspectives
  • Perspectives Archive
• Features
  • Current Feature
  • Features Archive
• Stimulus Watch
• Data Points
  • Current Data Point
  • Data Point Archive
• Special Reports

EVENTS

View All Events

FROM THE FOUNDATION

The Social Life of Health Information

A new Pew Internet/CHCF national survey finds the Internet has joined doctors and family members as one of the top three ways people search for answer to their health care questions.

Evaluating One-e-App

CHCF and The California Endowment funded the development of One-e-App, a Web-based program that enables users to apply for multiple public insurance programs at once. Read a business case assessment by The Lewin Group.

Privacy, Security, and the Stimulus Bill

The recently enacted economic stimulus legislation includes a number of improvements to federal health privacy law. This brief looks at issues of privacy and security in the wake of ARRA.

Recently disclosed data breaches at University of California-Los Angeles Medical Center have led some critics of federal and state medical privacy laws to question whether the laws are strict enough, the Los Angeles Times reports.

The federal Health Insurance Portability and Accountability Act of 1996 includes rules that govern medical privacy, but a recent legal opinion by the Justice Department concluded that the rules apply primarily to organizations -- hospitals, health plans and physician offices -- and only secondarily to individuals, who typically are implicated in privacy violations.

Some privacy advocates have called for the law to be revised to permit individuals to specifically designate who may access their medical records, but some health care industry stakeholders argue that such a law would be difficult to enforce.

The California Department of Public Health has launched an investigation into the recent data breaches at UCLA Medical Center. If the probe finds privacy deficiencies at UCLA, the department can force the facility to create a plan of correction.

California would then review the plan and revisit the hospital to ensure the plan has been implemented, the Times reports (Alonso-Zaldivar, Los Angeles Times, 4/9).

The UCLA Medical Center employee, Lawanda Jackson, who allegedly breached nearly 60 patients' medical records said on Tuesday, it was "just me being nosy," the Times reports.

Jackson, an administrative specialist, could face criminal charges for violating HIPAA medical privacy rules (Ornstein, Los Angeles Times, 4/9).

Deborah Peel, founder of Patient Privacy Rights, in a Healthcare IT News letter to the editor writes, "The abysmal security measure and non-existent consumer access control over personal data at the UCLA Medical Center and by the NIH are currently standard operating procedure for the entire health care industry."

She adds, "The nation's electronic health systems are neither safe nor secure, and consumers cannot stop their very valuable data from being snooped in, shared, misused, sold or stolen.

According to Peel, the TRUST Act (HR 5442) "will do most of what is needed to restore our centuries-old legal and ethical standards to health privacy and control over personal health information" (Peel, Healthcare IT News, 4/9).

• Print
• Email
• Share
  • del.icio.us
  • Digg
  • Facebook
  • Twitter

RELATED STORIES

03/12/2008

Group Launches Health IT Privacy Project To Develop Policies

03/13/2008

New Hampshire House Defeats EHR Patient Privacy Legislation

03/18/2008

UCLA Hospital Steps Up Privacy Efforts in Response to Breaches

04/07/2008

UCLA Medical Center Finds Privacy Breaches of Electronic Records

MOST POPULAR ARTICLES