Agent/Broker Portal
Forgot your User ID
or Password?
Sign Up Now
Contact Us: 844.4NORCAL

Case Studies: Physician Empathy Can Decrease Liability Risk

October 2, 2018

Although physician empathy may seem to be a low priority in comparison to clinical skill, research indicates that physician empathy has wide-ranging effects for both physicians and patients, including better patient outcomes, greater patient satisfaction, less stress and burnout, and — as the following case studies show — it can affect whether a patient files a medical liability lawsuit.

Learn More »
Filed under: Patient Communication, Patient Relationship, Physician, Case Study

Misdelivered Email Results in a HIPAA Data Breach

June 14, 2018

A common scenario in email security breaches is seen when a billing service sends a bill to an incorrect email address. In most practice arrangements, a third-party billing company will have signed a business associate agreement. According to HIPAA, business associates must inform covered entities when they discover a security breach; however, HHS gives covered entities and business associates flexibility in defining, in the business associate agreements, how and when a business associate should notify the covered entity of a potential breach.1 Consider the following case. (Please note that the following case focuses on the clinic’s responsibility to analyze the risk and perform the breach notification, even though the breach was caused by a business entity.)

Learn More »
Filed under: Digital Practice, HIPAA Privacy & Confidentiality, Cybersecurity, Information Security, Practice Manager, Case Study

Case Study Comparison: HIPAA Data Breaches and PHI on Stolen Laptops

June 14, 2018

According to HHS data, more than a third of all data breaches reported through 2017 involved a laptop, desktop, or mobile device.1 Compare Cases One and Two, and consider how better security practices protected the covered entity in Case Two.

Learn More »
Filed under: Digital Practice, HIPAA Privacy & Confidentiality, Cybersecurity, Information Security, Practice Manager, Case Study

Employee Voyeurism Leads to a HIPAA Data Breach

June 14, 2018

Employees access PHI for various illegitimate reasons. Including error and misuse, 71% of all cyber incidents in healthcare have an insider source1— the only industry that has more internal sources than external. Although the following case study involves only one patient, the covered entity was required to complete a data breach analysis and notify the patient and HHS.

Learn More »
Filed under: Digital Practice, HIPAA Privacy & Confidentiality, Cybersecurity, Information Security, Practice Manager, Case Study

Unsecured PHI on a Lost Flash Drive Results in a HIPAA Data Breach

June 14, 2018

A data breach doesn’t need to be criminal or intentional to be reportable. When a storage device is small, it is sometimes difficult to determine whether the device was lost, misplaced or stolen. However, even if a flash drive is presumably lost, a breach analysis must still be conducted and potentially affected patients must be notified if there is a probability of data compromise.

Learn More »
Filed under: Digital Practice, HIPAA Privacy & Confidentiality, Cybersecurity, Information Security, Practice Manager, Case Study
 | 

 Topics 

 Specialties 

Interested in NORCAL Group?

Contact Your Agent/Broker or call 844.4NORCAL today