logo
logo
logo
MENU
Categories
Hospitals and Health Systems - Audits and ReimbursementHospitals and Health Systems - Consent and TreatmentHospitals and Health Systems - Corporate and GovernanceHospitals and Health Systems - Corporate ComplianceHospitals and Health Systems - Fraud and AbuseHospitals and Health Systems - Government InvestigationsHospitals and Health Systems - Health RecordsHospitals and Health Systems - HIPAA and HITECHHospitals and Health Systems - Managed CareHospitals and Health Systems - Medical Staff IssuesHospitals and Health Systems - Medical Training ProgramsHospitals and Health Systems - MedicareHospitals and Health Systems - Mergers, Affiliations and Joint VenturesHospitals and Health Systems - Peer ReviewHospitals and Health Systems - Professional Services AgreementsMedical SocietiesPharmaceutical Industry - Agreements with PhysiciansPharmaceutical Industry - Clinical ResearchPharmaceutical Industry - Regulatory CompliancePhysicians and Providers - Audits and ReimbursementPhysicians and Providers - CertificationsPhysicians and Providers - CredentialingPhysicians and Providers - Disciplinary ActionsPhysicians and Providers - Employment AgreementsPhysicians and Providers - Fraud and AbusePhysicians and Providers - Government InvestigationsPhysicians and Providers - HIPAA and PrivacyPhysicians and Providers - ImpairmentPhysicians and Providers - LicensingPhysicians and Providers - LitigationPhysicians and Providers - MedicarePhysicians and Providers - Peer ReviewPhysicians and Providers - Practice AcquisitionsPhysicians and Providers - Practice IssuesPhysicians and Providers - Regulatory CompliancePhysicians and Providers - SupervisionPhysicians and Providers - TrainingUncategorized
Sandra Jarva Weiss
Member
Sandra Jarva Weiss
Visit Profile

The Targeting of Private Medical Office Data

Medical offices throughout the country are being targeted for the conversion of their data for illegal purposes. Most of what we hear about in the news concerns data breaches experienced by large corporations, involving information belonging to millions of individuals. Although these breaches affect many more people, they make privacy efforts of individual and group practitioners no less important.

Every medical office has, within its medical records and computer systems, personal information about every patient seen in their office. Once compromised, that information can lead to a lifetime of efforts to restore a patient’s identity, credit rating, and monetary benefits.

In addition to information such as birth dates and social security numbers, many patient records contain credit card and banking information, private health information, and information about the patient’s family, employment, and medications.

Medical offices must have installed on their computers data privacy protocols and safety protection systems that comply with federal and state privacy requirements.

Also, it is important to recognize that not all data breaches are computer-based. Data breaches can result from an actual hack of your computer system, improperly disposing of hard copy records, or a stolen laptop or cell phone.

Under federal and state law, data breaches require action — potentially exposed patients must be notified and credit monitoring provided to them. An analysis must be undertaken to determine how the breach occurred and an action plan developed to prevent a reoccurrence.

In all cases, a preemptive analysis of a practice’s potential exposure is well advised. We highly recommend practices determine whether to purchase Cyber Liability Insurance to offset some of the excessive costs of complying with all the post-breach requirements.

No medical practice can function without patient data, but that very same data can become its downfall if not properly protected and compliant with applicable laws.

If you have any questions on this or any other related matters, please contact Sandra Jarva Weiss, Chair of the Health Care and Life Sciences Practice Group, at sjarvaweiss@norris-law.com.
Share
Related Posts
When a Patient Refuses to Listen to Their Doctor
Need for Academic Medical Centers to Change Model
What Is the Retention Requirement for a Minor’s Medical Records in New Jersey?
Sandra Jarva Weiss
Member
Sandra Jarva Weiss
Visit Profile
Related Posts
When a Patient Refuses to Listen to Their Doctor
Need for Academic Medical Centers to Change Model
What Is the Retention Requirement for a Minor’s Medical Records in New Jersey?
Share
Join our growing team
We are looking for quality attorneys to help us do more for our clients. At Norris McLaughlin, each attorney has the same opportunity to succeed whether you’re at the beginning of a career or pinnacle of the profession.
Subscribe to our content
Receive timely legal information
delivered to your inbox
Subscribe to our content
Receive timely legal information
delivered to your inbox
© 2022, Norris McLaughlin, P.A., All Rights Reserved. Attorney Advertising.
Meritas

We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume you consent to our cookie policy. Learn more