Order
Toll-free 24/7:
+13478098481
Order

Hipaa Violation

Course Project Rough Draft MGH HIPAA violation case Jennifer Brummage Medical Law and Ethics In the health care business, there are certain standards and laws that have been put in place to protect our patients and their personal health information. When a health care facility fails to protect their patient’s confidential information, the US Government may get involved and facilities may be forced to pay huge sums of money in fines, and risk damaging their reputation. The Health Insurance Portability and Accountability Act (HIPAA) was established in 1996.

This Act was put into place in order to improve the efficiency and effectiveness of the health care system. The HIPAA law includes a Privacy rule and a Security Rule. Hospitals, Doctors, and employees in the medical field are expected to adopt the national standards and aim to keep patient information confidential. When a hospital or medical employee fails to meet the standards set, lawsuits can ensue and they can be fined large sums of money relating to the incident.

Get your 100% original paper on any topic done
in as little as 4 hours
Write My Essay

The Privacy Rule establishes national standards to protect individual’s medical records and other personal health information and applies to health plans, health care clearinghouses, and those health care providers that conduct certain health care transactions electronically. The Privacy rule requires appropriate safeguards to protect personal health information. The rule also gives patients’ rights over their health information, including rights to examine and obtain a copy of their health records.

The Security protects individual’s electronic personal health information that is created, received, used or maintained by a covered entity. The Security rule requires appropriate administrative, physical and technical safeguards to ensure the confidentiality, integrity, and security of electronic protected health information. The Office for Civil rights (OCR) is responsible for enforcing the HIPAA standards. When a complaint is filed, it is the job of the OCR to investigate. OCR may also conduct compliance reviews to determine if the health organization is in compliance with the HIPAA laws.

When the OCR accepts a complaint from an individual, they will notify the person and the covered entity named in it. Then both parties will submit information about the incident. The OCR will review the information to determine whether or not a violation has occurred. When violations have occurred and have been proven, the US Government will impose a fine that they see appropriate. When Health organizations such a private medical practices, hospitals, and clinics fail to meet the standards described in the HIPAA act, investigations, bad press, and fines are surely to follow.

There have been a number of cases in the past few years that have been investigated for HIPAA violations. One of the more recent and highly publicized cases was that of Massachusetts General Hospital (MGH). On March 6, 2009 is was reported that an employee of MGH had removed from the hospitals premises a folder of documents that included the private healthcare information (PHI) of approximately one hundred and ninety two patients. The employee had removed the folder from the hospital’s medical records room, so that she could bring her work home with her in order to complete some paperwork.

The information that was included in these files were documents that had billing encounter forms that contained the names of the patients, their date of birth, social security numbers, addresses, phone numbers, medical record number, the patients diagnoses and proposed course of treatment, their provider and the providers address and phone numbers. The folder also contained documents that included the practices daily office schedule for three days and the medical record number for 192 patients.

The employee was aware that she was not permitted to remove this confidential information from the hospital premises. In doing so, she violated the HIPAA law. On March 9, 2009, the employee who removed the documents from the hospital was commuting to work on a subway train. According to the complaint that was filed, the employee had removed the folder containing the documents from her bag and placed them in the seat beside her. The documents were not in an envelope and they were bound only by a rubber band. Upon exiting the train, the MGH employee left the documents on the subway train.

The documents were never recovered. This incident was later reported to the Office of Civil rights (OCR) by a patient who was informed by the hospital that his medical records had been lost by an employee and left them on a subway train. The One hundred and ninety two patients involved had been patients of the hospitals Infectious Disease outpatient practice, which includes HIV/AIDS patients. The fact that the patients involved in this case were potentially AIDS patients, made the violation that much more serious.

Investigators had to take in to account that these people had their medical records lost, and in those records were their phone numbers and addresses and possibly their place of employment. If these documents fell into the wrong hands, the potential for destroying the patients’ lives was very high. Had a person with malicious intent got ahold of their information, they could have harassed the patient and possibly spread their personal information around, which could have had devastating consequences. The Office of Civil Rights began their investigation of Massachusetts General following the March 2009 Complaint.

Because of the potential violations that MGH faced, they agreed to pay the United State Government $1,000,000 to settle potential fines. MGH is one of the nation’s largest and oldest hospitals. The Hospital is highly regarded and respected, and many hospitals took notice when the investigation into possible HIPAA security law violations began. In addition to agreeing to pay the United States Government one million dollars, the hospital and the General Hospital Corporation agreed to sign a Resolution Agreement with the United States Department of Health and Human Services (HHS).

The agreement required that the hospital develop and implement a comprehensive set of policies and procedures to safeguard the privacy of its patients. In signing this resolution agreement, it was the HHS hope that other hospitals and clinics throughout the nation would recognize that the OCR is very serious about investigation every claim that is filed with them. The OCR wants other hospitals to see that if a violation has occurred and a patient’s privacy has been violated, there will be consequences.

The OCR wanted to make an example out of Massachusetts General Hospital. In addition to the fines and the signing of the resolution agreement, OCR and HHS asked MGH to enter into a Corrective Action Plan. The HHR wanted the hospital and its employees to not only be held responsible and made an example out of, they also wanted the hospital to raise the awareness of its employees. The Corrective Action Plan (CAP) was designed to develop and implement a comprehensive set of policies and procedures that ensure the patient’s private health information is protected when

Removed from the hospitals premises. It was to ensure that the employees were trained and informed of the new policies and procedures so that future mistakes could be prevented. The hospital was also required to have the Director of Internal Audit Services of Partners HealthCare System Inc. to serve as an internal monitor who will conduct assessments of MGH’s compliance with the CAP and render semi-annual reports to the HHS for a 3 year period. It was the mistake of one person that caused so many changes in MGH’s system.

It was a costly mistake, but ultimately is has helped the United States Government make hospitals aware that if the standards set are not followed then there will be consequences. The HIPAA laws that are set in place are meant to protect patients. Even the US Government and the employees of MGH are someone’s patients, and they would also want their privacy respected. Hospitals across the nation, private practices, doctors and healthcare facilities should take notice, they need to make sure their employees are trained and informed of the policies and procedures regarding patient’s privacy and security.

Every hospital in the nation should raise their own standards so that they are above the ones set for them. Patients will take notice and be appreciative and more trusting when receiving care. In conclusion, this HIPAA violation could have possibly been prevented had MGH implemented the Action Plan in the beginning. The hospital should have had a program that required all employees to take prior to starting work with the hospital. Had the employee that left the documents on the subway been through a class on HIPAA laws and the correct way of handling PHI, maybe the incident never would have occurred.

Hospitals should hold a class as part of the hiring process to thoroughly train their employees on this issue. It could be used as a preventive measure and save the hospital from large fines in the future. References * FierceHealthcare. com, HIPAA violations. Feb 25 2011 (54198) * HHS. gov. News Release MGH HIPAA violation. Feb 24 2011 * US Department of Health and Human Services. HIPAA Law, July 19, 2011 * Zigmond J, Modern Healthcare, ISSN: 0160-7480, 2011 Feb 28; Vol. 41 (9), pp. 13 * http://www. hhs. gov/ocr/privacy/hipaa/understanding/index. html

We will write a custom Essay on Hipaa Violation specifically for you for only $16.05 $13/page

805 certified writers online

Order Now

Need help with your Assignment?

Give us your paper requirements,and we’ll deliver the highest-quality essay at only $13 a page.

Order with discount
Calculate the price
Make an order in advance and get the best price
Pages (550 words)
$0.00
*Price with a welcome 15% discount applied.
Pro tip: If you want to save more money and pay the lowest price, you need to set a more extended deadline.
We know how difficult it is to be a student these days. That's why our prices are one of the most affordable on the market, and there are no hidden fees.

Instead, we offer bonuses, discounts, and free services to make your experience outstanding.
How it works
Receive a 100% original paper that will pass Turnitin from a top essay writing service
step 1
Upload your instructions
Fill out the order form and provide paper details. You can even attach screenshots or add additional instructions later. If something is not clear or missing, the writer will contact you for clarification.
Pro service tips
How to get the most out of your experience with MyStudyWriters
One writer throughout the entire course
If you like the writer, you can hire them again. Just copy & paste their ID on the order form ("Preferred Writer's ID" field). This way, your vocabulary will be uniform, and the writer will be aware of your needs.
The same paper from different writers
You can order essay or any other work from two different writers to choose the best one or give another version to a friend. This can be done through the add-on "Same paper from another writer."
Copy of sources used by the writer
Our college essay writers work with ScienceDirect and other databases. They can send you articles or materials used in PDF or through screenshots. Just tick the "Copy of sources" field on the order form.
Testimonials
See why 20k+ students have chosen us as their sole writing assistance provider
Check out the latest reviews and opinions submitted by real customers worldwide and make an informed decision.
ACC543MANAGERIALACCOUNTINGANDLEGALASPECTS
excellent
Customer 452773, January 25th, 2024
Business and administrative studies
looks good thank you
Customer 452773, March 3rd, 2023
Philosophy
Thank you
Customer 452811, February 17th, 2024
Business and administrative studies
great job as always
Customer 452773, February 26th, 2023
Leadership Studies
excellent job
Customer 452773, August 3rd, 2023
Sociology
THANK YOUUUUU
Customer 452591, March 18th, 2021
Human Resources Management (HRM)
excellent
Customer 452773, July 11th, 2023
Human Resources Management (HRM)
excellent job
Customer 452773, June 25th, 2023
Human Resources Management (HRM)
excellent, great job
Customer 452773, June 19th, 2023
Human Resources Management (HRM)
excellent work
Customer 452773, July 3rd, 2023
FIN571
excellent
Customer 452773, March 15th, 2024
Business and administrative studies
excellent job thank you Your Score 166.25/ 175- A 1. Current Culture 15% of total grade 18.37 Criterion "1. Current Culture" has textual feedback Criterion Feedback I see interesting points, though, in general they are not about the culture.
Customer 452773, June 4th, 2023
11,595
Customer reviews in total
96%
Current satisfaction rate
3 pages
Average paper length
37%
Customers referred by a friend
OUR GIFT TO YOU
15% OFF your first order
Use a coupon FIRST15 and enjoy expert help with any task at the most affordable price.
Claim my 15% OFF Order in Chat
Check the price of your paper
Show more
Close

Sometimes it is hard to do all the work on your own

Let us help you get a good grade on your paper. Get professional help and free up your time for more important courses. Let us handle your;

  • Dissertations and Thesis
  • Essays
  • All Assignments

  • Research papers
  • Terms Papers
  • Online Classes
Order with discount
Before you leave
Receive a guaranteed discount when ordering four or more pages
4
You'll get 15% discount
use discount
Live ChatWhatsApp