One of the activities I want to start doing is to maintain a listing of publicized HIPAA breaches, fines, judgments, potential violations, etc. I have found many sites listing privacy breaches, but I have not been able to find a site with a listing of just HIPAA related incidents. I’ve contacted CMS and OCR about this, and they do not have such public listings. I was reminded of my plan to do this when reading an interesting story today about the CDC collecting medical and education records from a school district about a child with autism without seeking to obtain the parents’ consent. Reportedly the CDC did similar actions last year. Note that this is also a possible violation of the Family Educational Rights and Privacy Act (FERPA).
I will post other HIPAA-related incidents as I find them and dig up those from the past that I recall.
Technorati Tags
HIPAA
FERPA
CDC privacy
NAA privacy
medical privacy