Jennifer Hennessy Comments on Settlement in HIPAA Violation Case

Foley & Lardner LLP partner Jennifer Hennessy is quoted in the Report on Medicare Compliance article, “Provider Settles HIPAA Case over Disclosing Too Much of a Patient’s PHI,” published by the Health Care Compliance Association.

Commenting on a recent settlement in case involving the disclosure of a patient’s protected health information (PHI) in violation of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule, Hennessy said it is a reminder for medical record departments to pay close attention to PHI requests and patient authorizations before responding to them.

“The key is having medical record personnel who have been trained and understand the nuances of reviewing the requests that come in,” she explained, highlighting that entities covered under HIPAA should ensure that their medical records team understands that only the specifically listed information by patients or third parties should be provided.

“This is in addition to making sure the authorization or other request is valid under HIPAA to ensure disclosure is permitted in the first place,” she added.