Lawyers lie in wait for HIPAA?
Information Security Magazine, April 2003 – News and Analysis:
‘Attorneys nationwide reportedly plan to deploy decoy patients at health care organizations to see if doctors, dentists, hospitals and insurance companies have the policies, procedures and protections that ensure patients’ privacy, as required by the federal Health Insurance Portability and Accountability Act (HIPAA). Those that don’t comply risk hefty fines, possible criminal prosecution and costly civil lawsuits. Companies have had two years to educate staff, designate a privacy officer and adopt basic security measures. But there’s a good chance some providers will miss the deadline. … The threat of lawsuits may be a stronger motivator than government fines or jail time, says Kate Borten, a security consultant and president of The Marblehead Group in Massachusetts.
“The government has publicly stated it will be very forgiving if an organization demonstrates it meant well and has taken steps to become compliant,” Borten says. “The greater concern is the private lawsuit or bad press in a local community that will hurt business.”’
