Abstract
On average, $180 million could pay for 90,000 intensive care unit days, 225,000 regular inpatient days, or an extraordinary amount of outpatient care. Yet, that is the amount of money that the federal government, on behalf of the Veterans Affairs Healthcare System, may be spending—not on health care—but to settle a healthcare lawsuit. Filed in the fall of 2000, the lawsuit claims that, due to a lack of security, the computer system at any Veterans Affairs Healthcare facility has enabled workers to access personal and medical information about any patient or employee. Although the Veterans Affairs has installed a “software patch,” one can override this and still gain access to the information. Individuals also cite that their personal information is already noted and being used for criminal activity such as opening up credit cards in their names [1].
HIPAA provisions relating to electronic transactions, security, and privacy must be integrated, not only to protect information, but also to deliver quality health care.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Hopper ID. Employees sue Veterans Affairs, claiming breach of their privacy. Pittsburgh Post Gazette 2000 November 3. Sect A: 16.
A guide to the HIPAA rules, technology in practice. EC Media Group 2002 January/ February. p. 26.
Moynihan J, McLure M. HIPAA brings new requirements, new opportunities. Healthcare Financial Management 2000 March. p. 53–54.
Weiss SJ. Countdown to HIPAA compliance, managed care interface. Medicon International 2002 April. p. 57.
http://www.3com.com/Securitynet. “Information Security—It’s Up to You.” Accessed August 22, 2002.
Thieleman W. A patient-friendly approach to the record amendment process. J AHIMA 2002 May. p. 44.
Standards for privacy of individually identifiable health information. Department of Health and Human Services, Office of the Secretary; 2000 December 28; 45 CFR 164.530 j(2).
CPRI Toolkit. Computer-Based Patient Record Institute; 1999 February 1. p. 4: 3
CPRI Toolkit. Computer and information usage agreement. Computer-Based Patient Record Institute; 1999. p. 4: 3.
Bushman J, Krupp A. HIPAA implementation: a step-by-step guide. MGMA Legislative Conference, Washington, DC, April 22, 2002.
Hughes G. Practice brief—destruction of patient health information. J AHIMA 2000 April. p. 64A–64B.
http://www.hipaaadvisory.com/actionsecureqa/secure.htm. Accessed August 22, 2002.
Hughes G. Practice brief—notice of information practices. J AHIMA 2001 May. p. 64L.
Hughes G. Practice brief—patient access and amendment to health records. J AHIMA 2001 May. p. 64S–T.
Neville D. Six steps to compliance for small practices. J AHIMA 2001. p. 42.
Naughton-Travers J. Key to developing a regulatory compliance program. Behavioral Health Management 2001 July/August. p. 36.
Standards for privacy of individually identifiable health information. Department of Health and Human Services, Office of the Secretary; 2000 December 28; 45 CFR 160.306(b)(3).
CPRI Toolkit. Harvard Vanguard Policy on the disciplinary process for breach of patient confidentiality. Computer-Based Patient Record Institute; 1999. p. 4–46.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer Science+Business Media New York
About this chapter
Cite this chapter
Kiel, J.M. (2004). The Health Insurance Portability and Accountability Act: Confidentiality, Privacy, and Security. In: Ball, M.J., Weaver, C.A., Kiel, J.M. (eds) Healthcare Information Management Systems. Health Informatics Series. Springer, New York, NY. https://doi.org/10.1007/978-1-4757-4041-7_30
Download citation
DOI: https://doi.org/10.1007/978-1-4757-4041-7_30
Publisher Name: Springer, New York, NY
Print ISBN: 978-1-4419-2350-9
Online ISBN: 978-1-4757-4041-7
eBook Packages: Springer Book Archive