Five Ways to Prevent Patient Information Breaches

Dom Nicastro, for HealthLeaders Media , November 16, 2009

Editor's note: This is the first in a three-part series about breach notifications. The first installment focuses on preventing breaches.

The U.S. Department of Health and Human Services (HHS) on August 19 released its interim final rule on breach notification of unsecure protected health information (PHI) and the acceptable methods for covered entities (CE) and business associates (BA) to encrypt and destroy patient records in order to prevent breaches.

The PHI breach notification regulations took effect September 23. However, HHS will not enforce the rule until February 22, 2010, or thereabouts.

Although CEs and BAs should have breach notification policies in place, they must also know how to prevent breaches.

"You don't get to the HITECH until you have a privacy breach," says Andrew E. Blustein, Esq., partner and cochair of Garfunkel, Wild & Travis' Health Information and Technology Group in Great Neck, NY; Hackensack, NJ; and Stamford, CT. "If you have good things in your privacy program, you should never get to it."

Comments are moderated. Please be patient.




FREE e-Newsletters Join the Council Subscribe to HL magazine


100 Winners Circle Suite 300
Brentwood, TN 37027


About | Advertise | Terms of Use | Privacy Policy | Reprints/Permissions | Contact
© HealthLeaders Media 2015 a division of BLR All rights reserved.