- 0Sep 13, '13 by AOttingerWho is liable when HIPAA is breached? I've been looking everywhere and cannot seem to find the answer to it. I know if an individual knowingly breached HIPAA they can incur a fine, but I'm not sure what happens when there is an unknown breach of HIPAA, such as someone leaving their screen up and walking away.
- 0Sep 13, '13 by GrnTeaThere's a whole HIPAA forum, but the brief answer is, it depends. There's a difference between the hospital policy breach where PHI is inadvertently exposed to a staffer who knows enough to shut it down but it goes no further and no one is harmed (this can get you reprimanded or fired by an employer) and the breach of PHI where it gets out to where it REALLY shouldn't be, and someone is damaged by the release (this gets the hospital a big fine from the Feds).
Some idiot who takes a picture of a patient and puts it on FB will get fired. His/her employer will get fined, because the Feds look at him/her as an employee who ought to have been taught better or supervised better, and that's the employer's fault.
That's a real quick and dirty, but I hope it helps you think about how it works.Do go to the Nursing>HIPAA forum and look at the stickie at the bottom for more info and links to the HIPAA FAQs. They'll help you.
- 2Sep 14, '13 by elkparkQuote from AOttingerThe example you give is not an "unknown" breach. Every hospital I've worked at since the advent of computers in healthcare (yes, I do predate them ) has spelled out in plain English and stressed repeatedly during orientation that you are personally and completely responsible for whatever happens under your log-in. If you choose to walk away from a computer without shutting down the screen and logging out, you are responsible and will be held accountable for whatever anyone else does on the computer under your log-in. That would include someone accessing protected information to which s/he is not entitled.I know if an individual knowingly breached HIPAA they can incur a fine, but I'm not sure what happens when there is an unknown breach of HIPAA, such as someone leaving their screen up and walking away.
Get in the habit of always practicing good "computer hygiene."