Industry Insights

View the latest articles from industry insiders or use the drop-down function to search by category.   

Employed Physicians: Risk Exposure Paradigm

April 20, 2017 | By: Tim Bone, MedMal Direct Chief Claims Officer

Recent medical school graduates and/or seasoned providers are increasingly made aware of the option to work as a hospital employee; under this employment arrangement, it is important to consider professional liability exposure. From the purchase of a physician’s “tail” coverage to the choice of captive versus commercial coverage, or the joint defense of a lawsuit, all aspects of these essential components of this new risk exposure paradigm must be considered from the point of view of both the physician and hospital.


$2.5 Million Settlement Shows That Not Understanding HIPAA Requirements Creates Risk

April 18, 2017

Here is yet another OCR case involving a single stolen laptop which then led to further investigation by OCR and that investigation showed a lack of policies and procedures which may have prevented this event. The lack of policies has been at the root of all major settlements and the corrective action plans instituted by the OCR is going to be a very long and “painful” process for CardioNet. These incidents are the reason all covered entities and business associates must have a Security Risk Assessment and implement policies and procedures.  


Overlooking Risks Leads to Breach, $400,000 Settlement

April 09, 2017

Each day we hear more information on OCR investigations into HIPAA Privacy and Security breaches throughout the United States.  Most of the settlements we learn about have come around from self reported breaches that occurred as much as 5 years ago and the cases are just resolving.  The case below emphasizes the need to do a thorough Security Risk Assessment to avoid a potential breach and maintain patient privacy.  It also emphasizes that a risk management plan is part of what they look for which in this case could have mitigated the settlement amount had the practice done a thorough job.  Consider doing a SRA or reviewing your current one today and updating it annually.  Also don’t forget to do an RCA (root cause analysis) post breach or incident which will aid in determining probability of reoccurrence and validity of current P&P.


Text Messaging and HIPAA, Privacy and Confidentiality

April 06, 2017 | By: Michelle Bilsky, CHCO, LHRM, MLA, CBA

Text messaging has become popular in the health care field, permitting providers to multitask and to communicate more quickly than with phone calls. Despite these benefits, health care providers should be aware of the potential consequences under HIPAA and the HITECH Act (collectively, “HIPAA”) of permitting staff to text patient information. “Text messaging” encompasses any communication service or application that enables transmission of electronic written messages between two or more mobile devices.