Insights
Public Still Must Be Kept Private Under HIPAA
By Glory Francke, Adam H. Greene, and Rebecca L. Williams
05.16.17
A not-for-profit health care system recently agreed to pay the Department of Health and Human Services (HHS) $2.4 million as part of a settlement over potential Health Insurance Portability and Accountability Act (HIPAA) violations. The incident at issue involved the system releasing a patient’s name to the press, consumer advocacy groups, and politicians following a highly-publicized event at a clinic.
The lesson: covered entities and business associates should educate their public relations staff and leadership about what qualifies as “protected health information” (PHI) and that PHI may be disclosed only as permitted by HIPAA, regardless of whether the information is already known publicly.
Read the full article here.
Related Insights
06.17.25
Insights
Trump Reverses Key Directives of Biden Cyber Executive Order, Maintains Others Read More 06.11.25
Insights
State Privacy Laws
Arkansas Adopts Privacy Law To Extend COPPA-Like Protections to Teens Read More