At a recent Lawyers Connecting™ meeting, Vic Miceli, a principal of Des Plaines Office Equipment, rose for his presentation. I’m usually a bit groggy at the morning, and immediately thought, “Why did I roll out of bed this early to learn about office equipment?” I soon found out.
Vic started his presentation by discussing the existence of latent, private protected health information (“PHI”) found on copiers, computers and just about any device that has a hard drive. Among other things, he spoke of the action needed to remove PMI when this equipment is no longer being used by as medical practice.
We’re all familiar with the Health Insurance Portability and Accountability Act (HIPAA) enacted in 1996. The enforcement rules in HIPPA set civil money penalties for violating HIPAA rules, and established procedures for investigations and hearings for alleged HIPAA violations. However, its deterrent effect has been negligible, resulting in few prosecutions for violations. After all, when was the last time you went to a doctor’s office and was handed a HIPPA disclosure document?
Now enters the Health Information Technology for Economic and Clinical Health Act (“HIGHTECH”) and its own set of privacy requirements. Vic noted that HIGHTECH puts teeth into the provisions of the now often-ignored privacy requirements of HIPPA. Among other things, HITECH addresses the privacy and security concerns associated with the electronic transmission of PHI. This is of particular interest to me, since I represent many healthcare professionals whose practice submits electronic medical records on a daily basis.
Perhaps the most important thing I learned from Vic that is the next time I attend one of Vic’s morning presentations, it merits going to bed early. – Richard A. Crane, 7/4/11