Guard against liability when someone else mishandles your practice’s patient records.
True story: A journalist reported finding patient medical records at a trash transfer station. An investigation revealed that a Massachusetts physician group’s billing company improperly disposed of the private health information (PHI). Although there was no direct evidence of patient harm, a court ruled this event a security breach under the new Health Insurance Portability Accountability Act (HIPAA) Omnibus Rule. The physician group was fined $140,000.