Menu
What's new

Hospital Uses Nest Cameras

C

catcamstar

Known around here
Joined
Jan 28, 2018
Messages
1,659
Reaction score
1,193
Mark_M said:
This is just an opportunity waiting to happen for random voices to start speaking through the cameras.
Click to expand...
If this is in a psychiatric division of a hospital, that wouldn't bother anyone ;) "I see dead people" :D
 
TonyR

TonyR

IPCT Contributor
IPCT+ Member
Joined
Jul 15, 2014
Messages
16,742
Reaction score
38,978
Location
Alabama
Sounds like a serious HIPAA violation in the works for that hospital.

According to The HIPAA Journal, out of the The Most Common HIPAA Violations You Should Be Aware Of, #2 on the list of 10 is "Failure to Perform an Organization-Wide Risk Analysis ". The article goes on to state ".... The failure to perform an organization-wide risk analysis is one of the most common HIPAA violations to result in a financial penalty. If the risk analysis is not performed regularly, organizations will not be able to determine whether any vulnerabilities to the confidentiality, integrity, and availability of PHI exist. Risks are therefore likely to remain unaddressed, leaving the door wide open to hackers."

I doubt very much if there was an unbiased, third-party risk assessment done. Heavy, HEAVY fines could be levied against an already financially strapped hospital....but it's typical of many decisions made in a liberally-governed city and state. I'm sure the equally liberal-minded Google was very convincing, stating only the benefits but forgetting to mention the possible risks to confidentiality of PHI (Personal Health Information).

I would have thought someone in the hospital's IT department would have phoned-in an anonymous complaint to HIPAA. Maybe they did and everyone involved thought it was a great idea. I just cannot come to that same conclusion. We'll see later on though, won't we?
 
Last edited:
Ace844

Ace844

Getting the hang of it
Joined
Jan 2, 2020
Messages
41
Reaction score
26
Location
Massachusetts
Large swaths of HIppa have been waived during the Pandemic by executive order both state and FED. Good luck finding someone to find a "care" about such violations today.
 
TonyR

TonyR

IPCT Contributor
IPCT+ Member
Joined
Jul 15, 2014
Messages
16,742
Reaction score
38,978
Location
Alabama
Ace844 said:
Large swaths of HIppa have been waived during the Pandemic by executive order both state and FED. Good luck finding someone to find a "care" about such violations today.
Click to expand...
That's not good, IMO. I understand the need for expediency in a crisis but I don't see that need putting PHI at risk of compromise.
Not that I doubt what you stated, but do you have some links that expound / clarify some HIPAA regs waived?
 
Ace844

Ace844

Getting the hang of it
Joined
Jan 2, 2020
Messages
41
Reaction score
26
Location
Massachusetts
TonyR

TonyR

IPCT Contributor
IPCT+ Member
Joined
Jul 15, 2014
Messages
16,742
Reaction score
38,978
Location
Alabama
Ace844 said:
For starters: 1068-Is the HIPAA Privacy Rule suspended during a national or public health emergency?
www.natlawreview.com

Relaxing Of HIPAA Laws During COVID-19 Pandemic

In light of the ongoing COVID-19 pandemic and the need for an informed and coordinated public health response, U.S. Secretary of Health and Human Services (HHS) Alex Azar has declared a limited waiver of the following provisions of the HIPAA Privacy Rule.
www.natlawreview.com www.natlawreview.com
Click to expand...
Thanks for the response and the links.

This concerns me (from your link here):

"......Disclosures to the Media and Others

Covered entities, according to the rules, should not disclose specific information about the treatment (including, but not limited to, a patient’s test results and specific details of an individual’s condition or illness) of an identifiable patient to the media or other individuals not involved in the patient’s care without the written, HIPAA-compliant authorization of the patient or the patient’s representative, except in such specific circumstances:
  • If a patient has not objected to or otherwise restricted the release of their own protected health information and the media or another individual or individuals request information about that particular patient by name, a covered entity may at their discretion acknowledge that the patient is receiving care in the facility, release limited facility directory information, and may provide information about the patient’s condition in broad and general terms such as “critical,” “stable,” “deceased,” or “treated and released.”
 
Ace844

Ace844

Getting the hang of it
Joined
Jan 2, 2020
Messages
41
Reaction score
26
Location
Massachusetts
TonyR said:
Thanks for the response and the links.

This concerns me (from your link here):

"......Disclosures to the Media and Others

Covered entities, according to the rules, should not disclose specific information about the treatment (including, but not limited to, a patient’s test results and specific details of an individual’s condition or illness) of an identifiable patient to the media or other individuals not involved in the patient’s care without the written, HIPAA-compliant authorization of the patient or the patient’s representative, except in such specific circumstances:
  • If a patient has not objected to or otherwise restricted the release of their own protected health information and the media or another individual or individuals request information about that particular patient by name, a covered entity may at their discretion acknowledge that the patient is receiving care in the facility, release limited facility directory information, and may provide information about the patient’s condition in broad and general terms such as “critical,” “stable,” “deceased,” or “treated and released.”
Click to expand...
There are a lot of concerning items around these days if we care to look hard enough. However, in a mass disaster situation, these things typically take a back seat to the practice and application of medicine. If you you want to complain later and make noise, at least you're still breathing and healthy enough to do so. Good luck finding a jury of people and convincing them that generic normal day to day administrative rules take precedence over care in "extraordinary situations"
Right, wrong, or indifferent it's reality.
 
A

aristobrat

IPCT Contributor
Joined
Dec 5, 2016
Messages
2,983
Reaction score
3,180
crw030 said:
unless through some magic they are not recording anything to the cloud????
Click to expand...
One article said the hospital worked directly with Google for this implementation, and another said the cameras streamed directly to a console in the hospital, so I'm guessing there's a chance it doesn't stream to the cloud. I'm also guessing that since it's an official press release on the hospital's website, there's a good chance the solution has been vetted by their security folks.
 
TonyR

TonyR

IPCT Contributor
IPCT+ Member
Joined
Jul 15, 2014
Messages
16,742
Reaction score
38,978
Location
Alabama
Ace844 said:
There are a lot of concerning items around these days if we care to look hard enough. However, in a mass disaster situation, these things typically take a back seat to the practice and application of medicine. If you you want to complain later and make noise, at least you're still breathing and healthy enough to do so. Good luck finding a jury of people and convincing them that generic normal day to day administrative rules take precedence over care in "extraordinary situations"
Right, wrong, or indifferent it's reality.
Click to expand...
Oh, I agree and understand wholeheartedly. It's just that my trust list doesn't even have "The Media" down at the bottom, if you get my drift. :confused:
 
looney2ns

looney2ns

IPCT Contributor
Joined
Sep 25, 2016
Messages
15,622
Reaction score
22,861
Location
Evansville, In. USA
You must log in or register to reply here.
Top