$3,000,000 spent and nothing picked up by insurance!

August 26, 2010

Sorry for the absence but things have been crazy around the office and I let blogging get left behind. While I’ve been gone there has been a ton of data breaches and other related events happening so I hope you’ve been able to keep up. While reading an article today I found one that might hit home for some of you. A data storage company suffered a breach and lost HIPAA information for a large number of patients. That information caused the client to spend over $3,000,000 dollars to comply with the breach notification laws.

The client has come back on the storage company who reported the loss to their insurance company only to find out a breach of data isn’t covered on the general liability policy. This is an instance that a cyber liability or data privacy policy would respond to. Because the broker wasn’t educated in the space, someone is going to have to come up with over $3,000,000 to reimburse the client for their expenditures. This isn’t a situation I’d want to find myself in.

To read the entire article, click here.


Data Privacy is Important to Medical Entities

June 10, 2009

Because of the new legislation that has resulted in changes to the Healthcare IT Policy, a greater number of medical providers will be exposed to data privacy exposures.  Although providers such as doctors and hospitals are not required to adopt and use electronic health records, beginning in 2011 if they have not switched, their Medicare and Medicaid reimbursements will be reduced.  According to attorney Charles Myers, “The Congressional Budget Office estimates that approximately 90 percent of doctors and 70 percent of hospitals will be using comprehensive electronic health records within the next decade.”[1]  The new legislation has also made HIPAA defined “business associates” directly accountable to the government in the event of a data breach.  In the past, the provider or health plan would be held liable for the breach.[2]  Along with these changes, there are also new regulations about notifying patients when a breach occurs. 


[1]Examining Changes in Healthcare IT Policy.” Ingram’s. February 2009. 

[2]Stimulus for medical records broadens HIPAA liability.” Kansas City Business Journal. March 6-12, 2009.

Healthcare IT Spending

May 29, 2009

It was announced today that the government is releasing an additional $81.7 million funding to expand community health center services; this money is outside of the stimulus package.  

According to the healthcare IT News, “Health center directors on the press call agreed that funding for healthcare IT in community care centers would be beneficial. Mary Bufwack, CEO of United Health Services, a community health center in Nashville, Tenn., said her system already has basic electronic health records in at least five sites. EHRs, she said, help to avoid duplication of services and keep medication information accurate in a population that often tends to be transient.”

Click here to read the entire article: http://www.healthcareitnews.com/news/community-health-center-directors-say-hit-holds-promise-care