“Health nuts are going to feel stupid someday, lying in hospitals dying of nothing.”
—Redd Foxx
Top Story
When a patient goes to the hospital they don’t think twice about telling a nurse or a receptionist their personal information. A hospital’s first job is to treat patients, but it doesn’t end there. They are also responsible for protecting the personal information of the patients. In the recent past, data hackers have been seen more frequently, an their interest in hospitals has increased. It is now becoming more imperative for hospitals to take the proper steps to secure this sensitive information, if they don’t, they may be looking at quite extensive financial penalties from not only fines and penalties but also lawsuits.
Where did this Breach Occur
Hayward Sisters Hospital reported a data breach with the Attorney General of California on January 12, 2023. Hayward Sisters Hospital is a part of the St. Rose Hospital system which is a community based hospital in Hayward, California. They offer a range of services including diagnostic imaging, rehabilitation, surgery, a birthing center, and more. Over 522 people are employed by them, and they make over $100 million in annual revenue.
What information was Impacted
It was found that an unauthorized party accessed and removed files from their network containing sensitive patient information. The unauthorized party was able to get information such as patients’ names, date of birth, home addresses, and more. After the breach was confirmed, St. Rose Hospital sent data breach notification letters to all who were impacted by the security incident.
What Information do we Know
All available information on the breach comes from California’s Attorney General. On November 29, 2022 St. Rose Hospital spotted suspicious activity in the computer network. The hospital began working with a computer forensic specialist to look into the incident deeper and determine what and whose information had been leaked.
The investigation confirmed that an unauthorized party had access to the network starting November 18, 2022. This is when files containing sensitive information were first removed.
Diamond of the Week
The Food and Drug Administration 💎
The FDA just approved the first over the counter birth control pill. The pill called Opill will be available in 2024, but the cost has not been released. Many women are struggling to get timely appointments with there OBGYN’s creating a rise in unintended pregnancies. The Opill was approved after a huge wave of support for over-the-counter birth control has been seen. To read more on the Opill click here.
Who’s the WOAT
The World Health Organization 😡
The WHO recently came out with a statement saying that aspartame could possibly be a carcinogen. Aspartame is one of the most common artificial sweeteners, as well as the most studied. The Food and Drug Administration has disagreed with the science behind the WHO’s statement. To read more on the WHO’s and the FDA’s perspective click here.
Who Knew
HIPAA allows for the disclosure of protected health information (PHI) without patient authorization in certain circumstances, such as for research purposes. However, there are specific requirements that must be met to ensure the privacy and confidentiality of the data.
Under HIPAA, researchers can access and use PHI for research purposes if they obtain approval from an Institutional Review Board (IRB) or Privacy Board. These boards review research proposals to ensure they meet ethical and privacy standards. They assess factors such as the necessity of using PHI, the potential benefits of the research, and the safeguards in place to protect patient privacy.
Additionally, HIPAA permits the use and disclosure of de-identified health information without patient authorization. De-identified information is data that has been stripped of specific identifiers, such as names, addresses, and social security numbers, making it unlikely to identify an individual.
These provisions reflect the balance between protecting patient privacy and enabling important research. HIPAA recognizes the value of research in advancing medical knowledge and treatments, while also ensuring that strict safeguards are in place to protect the privacy and confidentiality of individuals’ health information.
Upcoming Events
July 20th at 12:15 pm CDT
The #1 Compliance Toolkit For Your Independent Medical Practice
A Round of Applause For…
Carosh 👏
Carosh just launched our reseller relation with VENOPS. We will now be reselling their Exclusion Screening! Carosh also just sold this new service to our first client! Congratulations to the Carosh team!
Sources:
- Think You’re Compliant? Find Out!
- Carosh Compliance Solutions, 10769 Broadway #106, Crown Point, IN, 46307