News site default image

EHR security breach does not constitute false Meaningful Use attestation

Shared by Radhika Narayanan | 4 4 0 | about 3 years ago

Incurring individual security breaches of electronic patient health information does not necessarily mean that a provider’s attestation of meeting Meaningful Use and receiving incentive payments is in violation of the False Claims Act.

The U.S. Court of Appeals for the Sixth Circuit has upheld a lower district court’s ruling that dismisses a whistleblower’s lawsuit against Ohio-based Kettering Health System. Kettering had sent the whistleblower, Vicki Sheldon, two security breach notification letters informing her that several employees, including her ex-husband, had impermissibly accessed her electronic protected health information (PHI) in Kettering’s electronic health record. The employees also impermissibly ran an expired medication report that included Sheldon’s information. When she asked Kettering for access reports of her PHI, the hospital provided Sheldon with “homegrown” reports, but not “clarity” reports directly from its system.

Read More On www.fierceemr.com

Categories Cybersecurity Healthcare IT Meaningful Use



1 Votes


You must log in to post a comment