Anonymous wrote:She made a mistake, not her spouse.

I received the letter. I am satisfied with Foxhall’s handling of the matter.

Anonymous wrote:

Anonymous wrote:Demographic information without any accompanying health information is not protected under HIPAA. Whether she violated her employment or non-compete contract is another question that no one here can answer without a copy of that contract. But I’m guessing since she’s married to Eric Holder, she knows exactly what she can do under the terms of her contract.

https://www.hipaajournal.com/is-it-a-hipaa-violation-to-email-patient-names/

Patient names (first and last name or last name and initial) are one of the 18 identifiers classed as protected health information (PHI) in the HIPAA Privacy Rule.

*******

Patients names and other PHI should only be sent to individuals authorized to receive that information, so care must be taken to ensure the email is addressed correctly. Sending an email containing PHI to an incorrect recipient would be an unauthorized disclosure and a violation of HIPAA.

https://www.hipaajournal.com/considered-phi-hipaa/

Therefore, PHI includes health records, health histories, lab test results, and medical bills. Essentially, all health information is considered PHI when it includes individual HIPAA identifiers. Demographic information is also considered PHI under HIPAA Rules, as are many common identifiers such as patient names, Social Security numbers, Driver’s license numbers, insurance details, and birth dates, that when they are linked with health information become HIPAA identifiers.
The 18 HIPAA identifiers that make health information PHI are:
Names
Dates, except year
Telephone numbers
Geographic data
FAX numbers
Social Security numbers
Email addresses
Medical record numbers
Account numbers
Health plan beneficiary numbers
Certificate/license numbers
Vehicle identifiers and serial numbers including license plates
Web URLs
Device identifiers and serial numbers
Internet protocol addresses
Full face photos and comparable images
Biometric identifiers (i.e. retinal scan, fingerprints)
Any unique identifying number or code
One or more of these HIPAA identifiers turns health information into PHI, and PHI HIPAA Privacy Rule restrictions will then apply which limit uses and disclosures of the information. HIPAA covered entities and their business associates will also need to ensure appropriate technical, physical, and administrative safeguards are implemented to ensure the confidentiality, integrity, and availability of PHI as stipulated in the HIPAA Security Rule.

Anonymous wrote:She took each person’s name email and health insurance provider. The letter referenced HPPA in the opening paragraph.

Anonymous wrote:I'd be interested in joining a class action suit regarding this

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:Demographic information without any accompanying health information is not protected under HIPAA. Whether she violated her employment or non-compete contract is another question that no one here can answer without a copy of that contract. But I’m guessing since she’s married to Eric Holder, she knows exactly what she can do under the terms of her contract.

https://www.hipaajournal.com/is-it-a-hipaa-violation-to-email-patient-names/

Patient names (first and last name or last name and initial) are one of the 18 identifiers classed as protected health information (PHI) in the HIPAA Privacy Rule.

*******

Patients names and other PHI should only be sent to individuals authorized to receive that information, so care must be taken to ensure the email is addressed correctly. Sending an email containing PHI to an incorrect recipient would be an unauthorized disclosure and a violation of HIPAA.

https://www.hipaajournal.com/considered-phi-hipaa/

Therefore, PHI includes health records, health histories, lab test results, and medical bills. Essentially, all health information is considered PHI when it includes individual HIPAA identifiers. Demographic information is also considered PHI under HIPAA Rules, as are many common identifiers such as patient names, Social Security numbers, Driver’s license numbers, insurance details, and birth dates, that when they are linked with health information become HIPAA identifiers.
The 18 HIPAA identifiers that make health information PHI are:
Names
Dates, except year
Telephone numbers
Geographic data
FAX numbers
Social Security numbers
Email addresses
Medical record numbers
Account numbers
Health plan beneficiary numbers
Certificate/license numbers
Vehicle identifiers and serial numbers including license plates
Web URLs
Device identifiers and serial numbers
Internet protocol addresses
Full face photos and comparable images
Biometric identifiers (i.e. retinal scan, fingerprints)
Any unique identifying number or code
One or more of these HIPAA identifiers turns health information into PHI, and PHI HIPAA Privacy Rule restrictions will then apply which limit uses and disclosures of the information. HIPAA covered entities and their business associates will also need to ensure appropriate technical, physical, and administrative safeguards are implemented to ensure the confidentiality, integrity, and availability of PHI as stipulated in the HIPAA Security Rule.

Thank you.

Anonymous wrote:What she did was unethical at best.

I don't know anyone who went to her the "loved her" her reviews were bad online. They seem to have disappeared. Not a surprise Yelp and google do that all the time.

Anonymous wrote:I don’t know. Even if we assume the worst, that she knowingly violated HIPAA (which I don’t assume) I still don’t see the actual harm to any of the patients violated, myself being one of them.

Anonymous wrote:I don’t know. Even if we assume the worst, that she knowingly violated HIPAA (which I don’t assume) I still don’t see the actual harm to any of the patients violated, myself being one of them.

Anonymous wrote:I don’t know. Even if we assume the worst, that she knowingly violated HIPAA (which I don’t assume) I still don’t see the actual harm to any of the patients violated, myself being one of them.

Anonymous wrote:

Anonymous wrote:I dunno. If I have a doctor, my relationship is with them, not the firm. I appreciate knowing where they land.

+1 That’s how it works for lawyers.