Ransomware has been sickening healthcare institutions. It has become a plague.
Healthcare’s Ransomware Epidemic
Category: Health Privacy
Posts about Health Privacy by Professor Daniel J. Solove for his blog at TeachPrivacy, a privacy awareness and security training company.
Is HIPAA Enforcement Too Lax?
By Daniel J. Solove ProPublica has been running a series of lengthy articles about HHS Office for Civil Rights (OCR) enforcement that are worth reading. A Sustained and Vigorous Critique of OCR HIPAA Enforcement A ProPublica article from early in 2015 noted that HIPAA fines were quite rare. The article noted that from 2009 through […]
Blogging Highlights 2015: Health Privacy+Security Issues
I’ve been going through my blog posts from 2015 to find the ones I most want to highlight. Here are some selected posts about health privacy and security: Why HIPAA Matters: Medical ID Theft and the Human Cost of Health Privacy and Security Incidents
Why HIPAA Matters: Medical ID Theft and the Human Cost of Health Privacy and Security Incidents
By Daniel J. Solove Whenever I go to a doctor and am asked what I do for a living, I say that I focus on information privacy law. “HIPAA?” the doctors will ask. “Yes, HIPAA,” I confess. And then the doctor’s face turns grim. At first, it looks like the face of a doctor about […]
Patient Access to Medical Records Under HIPAA: Significant Reform Needed
by Daniel J. Solove Recently, I wrote about the challenges in accessing health information about family members. In this post, I will explore patients’ access to their own medical records. HIPAA doesn’t handle patient access to medical records very well. There are many misunderstandings about patient access under HIPAA that make it quite difficult for […]
HIPAA’s Friends and Family Network: Access to Health Information
by Daniel J. Solove Suppose your elderly mother is being treated at the hospital for a heart condition. Your mother tells her doctor that you can have access to her health information. The doctor, however, doesn’t disclose the information to you. The doctor thinks that you can only have the information with a signed written […]
Health Data Security in Crisis, Phase 2 Audits, and Other HIPAA Privacy + Security Updates
By Daniel J. Solove Co-authored with Professor Paul Schwartz This post is part of a post series where we round up some of the interesting news and resources we’re finding. We have split the health/HIPAA material from our updates on other topics. To see our updates for other topics, click here. For a PDF version […]
Myths About Privacy Law and the First Amendment
by Daniel J. Solove In Sorrell vs. IMS Health, 131 S. Ct. 2653 (2011), the Supreme Court struck down Vermont’s Prescription Confidentiality Law as a violation of the First Amendment right to free speech. The Vermont law restricted the sale and marketing use of information that would identify prescribers without their consent. The Supreme Court […]
The Health Data Breach and ID Theft Epidemic
By Daniel J. Solove When you go to the hospital, you might worry about catching a staph infection or pneumonia, but you should also worry about contracting a nasty case of medical identity theft. Most people suffer significant harm from medical ID theft, and few are completely cured. This ailment is spreading dramatically as data […]
Why the Anthem Data Breach Is Needlessly Harmful
By Daniel J. Solove Recently, Anthem, one of the largest health insurance providers, suffered a massive data breach involving personal data on up to 80 million people. According to Anthem, the data breached includes “names, dates of birth, member ID/ social security numbers, addresses, phone numbers, email addresses and employment information.”