Part B Insider (Multispecialty) Coding Alert

Physician Note:

Stanford Hospital HIPAA Breach Exposes 20,000 ER Patients' PHI for Almost A Year

Plus: Privacy enforcement could heat up even more thanks to new OCR director.

Despite the fact that HIPAA requirements have been around for several years now, it can still be difficult to keep patients' protected health information (PHI) secure, one hospital recently found.

Stanford Hospital in Palo Alto, Calif., recently discovered that the hard way when it was discovered that the names and diagnosis codes of 20,000 emergency room patients were posted on a commercial Web site for nearly a year, the New York Times reported on Sept. 8.

The detailed spreadsheet that contained PHI was posted by a billing contractor to a Web site that allowed students to solicit help with schoolwork, along with a question asking how to convert the data into a bar graph. The attachment, which included six months worth of patient data from 2009, remained on the site for nearly a year until a patient discovered it and reported it to the hospital, which then removed the post and reported the breach.

To read the original Times article, visit www.nytimes.com/2011/09/09/us/09breach.html.

Other Articles in this issue of

Part B Insider (Multispecialty) Coding Alert

View All