Every patient who has visited a health care provider, have been affected by someone breaching his or her confidentiality and not maintaining the privacy of their medical records. Even individuals who are celebrities have incidents where his or her medical information is accessed by unauthorized individuals. HITECH Act provisional rule of breach notification states that healthcare organizations must report breaches that affect 500 or more individuals to federal authorities, the media, and persons affected within 60 days (Henderson, 2009). For example, some insurance companies may consider taking care of breaches promptly by sending out bulletins to report information breaches and encrypted data to state authorities with five calendar days (Anderson, 2010). Separate data breach notification statue recommends that every business report breaches of computerized personal information without any delays. The Health Net breach incident in 2009 involves the loss of an unencrypted portable disk drive (Anderson, 2010). The disk was holding records for about 500,000 enrollees in Connecticut and more than 1.5 million consumers nationwide (Anderson, 2010). This drive included 28 million scanned, unencrypted pages of important documents; appeals, claims, grievances, membership forms (Anderson, 2010). The information in the …show more content…
Other issues include healthcare providers answering the phone, having conversations in public settings, threats of selling celebrities stories to the news media, and accessing patients health information and electronic medical records regardless of he or she is a celebrity or not (Henderson, 2009). The article also states that “the state public health authorities in July released findings that more than 60 employees at the UCLA Medical Center improperly accessed patient’s records” (Henderson, 2009). As a result, one former employees sold celebrity medical records to the news channels. Lists of victimized celebrities will continue to grow, however emphasizing these incidents should dramatize and demonstrate the type of damages that can result from patient privacy not being