[ Monday, May 05, 2003 ]


Pamela Jones, an alert HIPAA contributor with Medabiliti Software (check them out), alerted me to an e-mail from Ron Panzer with Hospice Patients Alliance, an advocacy group, on the filing of the first HIPAA complaint, against a hospice organization in Florida. The complaint was filed by Hospice Patients Alliance against Hospice of the Florida Suncoast and its for-profit subsidiary, Suncoast Solutions. As you can see from this link, it seems like the Suncoast folks have made quite a few enemies along the way. This sort of reminds me of the HealthSouth bulletin board on Yahoo, which was overrun by folks complaining about CEO Richard Scrushy (or as it was usually spelled on the bulletin board, Screw-She).

Mr. Panzer's e-mail, posted on the HIPAAlive discussion site, outlined why they filed the complaint:

Having filed the first HIPAA complaint in the USA, Hospice Patients Alliance looks forward to seeing if the privacy
protections built into HIPAA will actually be enforced. While every provider in the country has frantically been working round
the clock to comply with HIPAA, nobody knows what OCR will actually do when it finds violations.

We filed our complaint against a hospice in Florida, Hospice of the Florida Suncoast, which has a for-profit subsidiary, Suncoast Solutions. Suncoast makes software for hospice record-keeping and used ACTUAL patient data in its marketing, promotions, help screens and elsewhere throughout the software. Hundreds of real patients' and patients' families' information was released to about 100 hospices all over the USA, exposing this PHI to thousands of staff in these completely different hospice corporations. While Suncoast used a few obviously false names in a few situations, we have verified that real patient data is in the software and notified HHS/OCR in order to bring Suncoast into compliance with the privacy regulations. We would never had done so, except that the hospice had been warned repeatedly over a two year period to stop breaching confidentiality through Suncoast and refused and continues to refuse to correct the breach. The continued breach of confidentiality at Suncoast is one of the most bewildering and bizarre confidentiality breaches I have ever read about and constitutes one of the most severe breaches in US history.

If true, this is extreme laziness, at a minimum. Inexcusable.

Jeff [3:00 PM]

Comments: Post a Comment
http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template