The front page of the New York Times today carried a story by Pam Belluck on a hospital’s promotional webcast of Shila Renee Mullins’s brain surgery to extract a malignant tumor, which raised conflicting opinion is about the wisdom, benefit and ethics of the public dissemination of personal medical information, even if consensual, and the public access to dramatic interventional medical procedures. Some hospitals are featuring twittering during operations in order to apprise relatives and others of the progress of thee procedure in real time.
Continue reading "INTERNET MEDICINE: PART VII – PUBLIC, PROPRIETARY AND PRIVACY TENSIONS IN MEDICAL DEVICES." »
The growing interoperability between medical devices and electronic medical records gives rise to new opportunities in the transmittal and collection of vital medical data. New vulnerabilities arise as well. Last month, the Internet Storm Center sponsored by SANS (SysAdmin, Audit, Network, Security Institute) warned that the Conflicker worm had infected approximately ten million internet devices including MRIs. SANS is a cooperative research and education organization that since 1989 has specialized in information security technology training and awareness.
The Conflicker worm attacks holes in Windows OS with advanced malware techniques. It is the largest worm infection since the SQL Slammer worm. Many of the infected devices were not designed for internet connectivity. The efficacy of the infection repair is complicated by a FDA regulation which limits the ability to issue an internet “patch” for 90 days, and apparent triumph of law over common sense in crisis with a unique and unanticipated need.
Continue reading "INTERNET MEDICINE: PART VI –CHALLENGES TO DATA SECURITY IN INTERNET MEDICAL DEVICE INFORMATION LINKS." »
There is a growing proliferation of on-line personal health records companies who undertake to warehouse and store personal health records for consumers on line. Four of the most prominent of these companies are Google Health, Microsoft Health Vault, RevolutionHealth Health Records and WebMD Personal Health Records. On April 20, 2009, the FTC took a first step in providing notice of breach standards for these companies by offering a proposed rule for public comment. The Rule will be available for public comment until June 1, 2009, with the intent to make the final rule effective in September, 2009. The Proposed Rule can be found at 74 Fed. Reg. 17914. and is slated to be included in the Code of Federal Regulations at 16 CFR § 318. The FTC's action is a mandate under the American Recovery and Reinvestment Act of 2009
Continue reading "INTERNET MEDICINE PART III: FTC issues Notice of Rule Regarding Breach of Security of Personal Health Records." »
Two recent federal district court cases that raised physician concerns about privacy were unceremoniously rejected on motion. In William Andrew Rinell, M.D. and Alan B. Whitehouse, M.D. v. Private Healthcare Systems and The Capella Group, Civil Action No. 106-176 (S. Dist. of Georgia, Augusta Div. 2007), the Plaintiff physicians sought damages in tort against a Preferred Provider Organization (“PPO”) with whom they had entered provider contracts and a discount card company who had purchased provider information and discount data from the PPO. The physicians argued that their agreements with the PPOs did not contemplate the sale of their information to a purchaser who was not an insurance company and that the sale of such information was a breach of privacy or of some other kind of tort arising out of the contractual duties created by the physicians’ contracts with the PPO. The court refused to recognize a claim sounding in tort and held that any claim arising out of the contract was fundamentally a contract claim and that since the Plaintiffs did not include a contract claim in its complaint, the complaint must be dismissed.
Continue reading "PHYSICIAN PRIVACY SUITS DUMPED" »
Several years ago this writer represented Dr. William Catalona in a dispute with the Washington University of St. Louis over the right to control blood, tissue, and DNA samples collected by Dr. Catalona at the University’s Medical School since the late 1980’s. The collection sometimes referred to as the “Catalona Collection” is maintained in 20 liquid nitrogen freezers at the school. It contains more than 270,000 blood and tissue samples from over 30,000 donors. Dr. Catalona used the “collection” to show that prostate-specific antigen (“PSA”) was a useful screening test for prostate cancer. Dr. Catalona left Washington University in February of 2003 and moved to Northwestern University, because of restrictions placed by Washington University on his access to the materials and other reasons. He requested and was refused the opportunity to take the materials with him to Northwestern. During the negotiations the University, while requesting additional time to respond to a position taken by Dr. Catalona, commenced a suit in the Federal District Court for the Eastern District of Missouri, Eastern Division, seeking a court determination that the materials belonged to the University. See Washington University of St. Louis v. William Catalona, M.D., Case No. 4:03CV1065SNL(E.D. MO, Eastern Div.)
Continue reading "INFORMED CONSENT DON’T MEAN NO THING WHEN IT COMES TO DONATION OF BODY PARTS." »
In the genre of man bites dog stories, a New Jersey appellate court heard arguments on September 27 of this year in the case of Community Hospital Group v. Blume Goldfaden, Berkowitz, Donnelly, Fried and Forte. JFK Medical Center in Edison, New Jersey, who is presumably a member of the Community Hospital Group, is appealing the dismissal of its Healthcare Insurance Portability and Accountability Act of 1996 (“HIPAA”) lawsuit against a prominent New Jersey malpractice plaintiffs firm who is representing plaintiffs in six malpractice cases against it for negligent reading of pap smears.
Continue reading "Hospital Bites Plaintiff Law Firm in HIPAA Dispute" »
There appears to be a wide-spread belief among those in the business and profession of medicine that the Privacy rules propounded under the Healthcare Insurance Portability and Accountability Act of 1996, 42 U.S.C.A. § 1320d-2 (C)(2) (“HIPAA”), created a new federal privilege buttressing the privacy of personal medical records from unauthorized disclosure.
Continue reading "Healthcare Insurance Portability and Accountability Act ("HIPAA") Offers No Medical Records Privileges In Federal Question Cases." »
Last Friday, November 5, Judge Ricardo Martinez, U.S. District Court Judge for the Western District of Washington, sentenced Richard W. Gibson, 42, of SeaTac, Washington to 16 months in federal prison for violation of the criminal provisions of the Health Insurance Portability and Accountability Act of 1996, 42 U.S.C. § 1320d-6 ("HIPAA"). Last August, Mr. Gibson's plea bargain was widely heralded as the federal governments first HIPAA connection, with the portent of a wider reach for the Act than previously contemplated by the health care industry.
Continue reading "First Fake Federal HIPAA Conviction" »
A Florida Court of Appeals panel today issued its decision confirming the denial of Rush Limbaugh's effort to suppress the disclosure of his medical records seized by a police warrant as part of an investigation into Limbaugh's use of pain killing drugs, Hydrocondone and Oxycontin "over the course of many years." The seizure was part of an investigation into whether Limbaugh violated Florida's "doctor shopping" statute which requires patients to disclose to a physician that he or she has received a prescription for a controlled drug of like therapeutic use within the previous 30 days.
Continue reading "Rush To Judgment On Limbaugh Medical Records." »
The State of Texas, always a fertile ground for interesting litigation, decided to sue itself over its own HIPAA interpretation, by State Attorney General Greg Abbott(R). The Texas Department of Mental Health and Mental Retardation v. Abbott, Tex. Dist. Ct., No GV400344 filed on March 11, 2004 seeks to overturn an opinion issued by the Attorney General on February 13, 2004 wherein he opined that state agencies must bow to the Texas Public Information Act as trumping the non-disclosure provisions of personal health information under the Healthcare Insurance Portability and accountability Act.
Continue reading "State of Texas sues itself over HIPAA Ruling" »
