The information shared includes: patient account number (a number used solely by the hospital for purposes of identification), date of service, CPT code and description of health care services that the patient received.
"the physician had improperly shared PHI with his wife between January 2010 and November 2013." - PHIprivacy.netIt is unclear why the breaches were allowed to continue for three years or how they were discovered. Healthcare organizations seeking to proactively detect data privacy breaches can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.Sources:
(a) Required HIPAA breach notification or political dirty trick? - www.PHIprivacy.net, 01/15/2014