Privacy & Security

With HIPAA breaches, no real answer when it comes to blame, expert says

Adam H. Greene, partner, Davis Wright Tremaine, says education, discretion can help reduce privacy infractions.
By Jessica Davis
March 02, 2016
06:01 PM

LAS VEGAS -- When it comes to HIPAA breaches, the number of providers, insurers and business associates failing to protect patient health information is so staggering it has many organizations looking to place blame.

But according to Adam H. Greene, partner, Davis Wright Tremaine, there's no clear culprit.

"I apologize, but I'm not going to be able to answer the question today of who is at fault during a HIPAA breach," Greene told attendees during a HIMSS16 session Wednesday on understanding the function of HIPAA breaches. "The government hasn't yet decided."

The truth is that it's difficult to navigate HIPAA issues when you consider the network of healthcare operations, he added. It's complex with many specifications.

[Also: See photos from Day 2 of HIMSS16]

The problem is many healthcare leaders aren't reporting what HIPAA constitutes as breaches, including data sent to the wrong entity but who doesn't access the record. This is a HIPAA violation that often goes unchecked.

According to Greene, it boils down to providers understanding that anyone who accesses a PHI record must have a valid reason to do so, and that includes employees and business associates. 

Furthermore, healthcare leaders can't assume that all connected entities are HIPAA compliant.

Adding to the complexity and confusion are individual state laws regarding medical info breaches, Greene said. Organizations struggle to determine what, if any laws, are being broken.

"You have to be sensitive to the fact that state laws versus HIPAA," he added. "You have to look at both. State laws focus on unauthorized access, like computer data. This differs from HIPAA, which extends to user exposure."

What healthcare leader needs to focus on to avoid breaches altogether is ensuring "everyone understands what protected health information is and that's there's guidance," he said. "The focus here, isn’t that this is the correct answer versus this is wrong answer." It's about getting everyone on the same page.

Twitter: @JessiefDavis

This story is part of our ongoing coverage of the HIMSS16 conference. Follow our live blog for real-time updates, and visit Destination HIMSS16 for a full rundown of our reporting from the show. For a selection of some of the best social media posts of the show, visit our Trending at #HIMSS16 hub.

Topics: 
Privacy & Security

More regional news

Dawn Cram of The Gordian Knot Group on imaging and AI

How AI helps deliver ROI for enterprise imaging efforts

By
Bill Siwicki
January 14, 2025
Nurse in mask and pink sweater types notes in a hospital hallway

AI roundup: News from Mayo Clinic, Google Cloud and more

By
Andrea Fox
January 14, 2025
Stacey Caywood of Wolters Kluwer Health on AI

AI will boost workflow, workforce development and patient safety in 2025

By
Bill Siwicki
January 13, 2025
Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.

Top Story

Nurse in mask and pink sweater types notes in a hospital hallway
AI roundup: News from Mayo Clinic, Google Cloud and more

Most Read

DHS intros framework for AI safety and security, in healthcare and elsewhere
How to protect telemedicine from cyberattacks
Health system CIOs' strategic responsibilities continue to evolve
OIG again deems HHS' infosec program ineffective
OCR's HIPAA audit program lacked mettle, OIG says
Senators intro bipartisan bill to bolster healthcare cybersecurity

Research

White Papers

More Whitepapers

Artificial Intelligence
Patient Engagement
Patient Engagement

Webinars

More Webinars

Imaging
Interoperability
Artificial Intelligence

Video

Tack Lee at Inha University Hospital_HIMSS24 APAC
Inha University Hospital eyes Stage 7 EMRAM
William Morris at Ambience Healthcare_AI processor Photo byda-kuk/E+/Getty Images
The upsides and pitfalls of AI scribes in 2025
Jin-Young Park at Yongin Severance Hospital_HIMSS24 APAC
Data and digital at the core of a 'digital innovation hospital'
Deepak Prakash at Sonio_Data security illustration Photo by KrulUA/iStock/Getty Images Plus
Protecting maternal health data in 2025

More Stories

Brian Anderson of the Coalition for Health AI
Healthcare industry aligning on AI model cards, and other innovations
Stethoscope resting on tablet
HIMSSCast: A look ahead at 2025 trendlines
HIMSS Logo
HIMSS launches new member benefits, with research, analytics and other resources
Matt Kull at Inova Health System_Data blocks concept Photo by BlackJack3D1/E+/Getty Images
CIO Spotlight: Matt Kull of Inova Health System
CHAI Model Card
CHAI launches open-source healthcare AI nutrition label model card
David Kirshner at LogicSource_Stethoscope on various monetary denominations Photo by Aslan Alphan/E+/Getty Images
Raising supply chain performance in healthcare
Person on the phone holding pill bottle
Protect your brand reputation and your patients’ data
Doctors reviewing data on a digital tablet
What to expect in Asia-Pacific health IT in 2025?