Case Examples Organized by Issue

Topics on this page:

• Access
• Authorizations
• Business Associates
• Conditioning Compliance with the Privacy Rule
• Confidential Communications
• Disclosures to Avert a Serious Threat to Health or Safety
• Impermissible Uses and Disclosures
• Minimum Necessary
• Notice
• Restrictions
• Safeguards

Access

• Private Practice Revises Process to Provide Access to Records
• Private Practice Revises Process to Provide Access to Records
• Private Practice Revises Access Policy
• Private Practice Revises Access Procedure
• Mental Health Center Provides Access after Denial
• Mental Health Center Provides Access and Revises Policies and Procedures

Back to Top

Authorizations

• Large Provider Revises Process to Prevent Unauthorized Disclosures to Employers
• HMO Revises Process to Obtain Valid Authorizations
• Mental Health Center Provides Access after Denial

Back to Top

Business Associates

• Pharmacy Chain Enters into Business Associate Agreement

Back to Top

Conditioning Compliance with the Privacy Rule

• Private Practice Ceases Conditioning of Compliance with the Privacy Rule

Back to Top

Confidential Communications

• Hospital Implements New Policies for Telephone Messages
• Large Provider Revises Patient Contact Process

Back to Top

Disclosures to Avert a Serious Threat to Health or Safety

• Hospital Issues Guidelines Regarding Disclosures to Avert Threats to Health or Safety

Back to Top

Impermissible Uses and Disclosures

• Pharmacy Chain Changes Process for Disclosures to Law Enforcement
• Large Medicaid Plan Corrects Vulnerability that Had Resulted in Wrongful Disclosure
• National Pharmacy Chain Extends Protections for Protected Health Information
• Health Plan Corrects Impermissible Disclosure of Protected Health Information
• Large Provider Revises Process to Prevent Unauthorized Disclosures to Employers
• Public Hospital Corrects Impermissible Disclosure of Protected Health Information in Response to a Subpoena
• Outpatient Surgical Facility Corrects Privacy Procedure in Research Recruitment
• Clinic Sanctions Supervisor for Accessing Employee Medical Record
• Large Provider Revises Patient Contact Process
• Large Health Care Provider Restricts Use of Patient Records
• Hospital Revises Email Distribution as a Result of an Impermissible Disclosure
• Private Practice Revises Policies and Procedures Addressing Activities Preparatory to Research

Back to Top

Minimum Necessary

• Hospital Implements New Policies for Telephone Messages
• Dentist Changes Process to Safeguard PHI

Back to Top

Notice

• Mental Health Center Corrects Process for Providing Notice of Privacy Practices

Back to Top

Restrictions

• Mental Health Center Provides Access and Revises Policies and Procedures

Back to Top

Safeguards

• Pharmacy Chain Institutes New Safeguards for Protected Health Information
• Large Medicaid Plan Corrects Vulnerability that Had Resulted in Wrongful Disclosure
• Health Plan Corrects Computer Flaw that Caused Mailing of EOBs to Wrong Persons
• National Pharmacy Chain Extends Protections for Protected Health Information

Back to Top