PRIVACY + SECURITY BLOG

News, Developments, and Insights

Is HIPAA Enforcement Too Lax?

By Daniel J. Solove ProPublica has been running a series of lengthy articles about HHS Office for Civil Rights (OCR) enforcement that are worth reading. A Sustained and Vigorous Critique of OCR HIPAA Enforcement A ProPublica article from early in 2015 noted that HIPAA fines were quite rare. The article noted that from 2009 through […]

Read More…

Blogging Highlights 2015: Health Privacy+Security Issues

I’ve been going through my blog posts from 2015 to find the ones I most want to highlight.  Here are some selected posts about health privacy and security: Why HIPAA Matters: Medical ID Theft and the Human Cost of Health Privacy and Security Incidents […]

Read More…

Why HIPAA Matters: Medical ID Theft and the Human Cost of Health Privacy and Security Incidents

By Daniel J. Solove Whenever I go to a doctor and am asked what I do for a living, I say that I focus on information privacy law. “HIPAA?” the doctors will ask. “Yes, HIPAA,” I confess. And then the doctor’s face turns grim.  At first, it looks like the face of a doctor about […]

Read More…

Patient Access to Medical Records Under HIPAA: Significant Reform Needed

by Daniel J. Solove Recently, I wrote about the challenges in accessing health information about family members.  In this post, I will explore patients’ access to their own medical records. HIPAA doesn’t handle patient access to medical records very well. There are many misunderstandings about patient access under HIPAA that make it quite difficult for […]

Read More…

HIPAA’s Friends and Family Network: Access to Health Information

by Daniel J. Solove Suppose your elderly mother is being treated at the hospital for a heart condition. Your mother tells her doctor that you can have access to her health information. The doctor, however, doesn’t disclose the information to you. The doctor thinks that you can only have the information with a signed written […]

Read More…