[ Wednesday, June 25, 2014 ]


NRAD: a Long Island (NY) radiology practice has sent notices to almost 100,000 patients that a radiologist employee improperly accessed their personal information.  This is particularly interesting because HIPAA allows a covered entity to not send notice when the improper access is by an employee who might otherwise be allowed access to the data.  If the access was unintentional or done innocently, the radiology group might not have had to send the notice.  That implies that the practice thinks there's something wrong here.  Stay tuned. . . .

Jeff [9:22 AM]

Comments: Post a Comment
http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template