Menu Close

Blue Cross Exec Tests HIPAA By Describing $12M Patient

Posted in HIPAA and the HITECH Act, Privacy and Data Protection, Private Insurers

A June 1 article, “Blue Cross Exec Tests HIPAA By Describing $12M Patient,” in Law360 provides an analysis of a recent incident in which a Wellmark Blue Cross & Blue Shield executive made a public comment about a patient who has accrued $12 million in annual medical bills. The executive, who made the comment during a Rotary Club speech in Iowa, “possibly stepped into a Health Insurance Portability and Accountability Act minefield,” according to the article.

The article points out that under HIPAA, details about age, gender and diagnosis are not automatically considered identifying information as names, addresses, dates of birth and Social Security numbers are. However, HIPAA can still be triggered if “there is a reasonable basis to believe that the information can be used to identify the individual.”

Day Pitney healthcare attorney Eric Fader was quoted in the article. Eric told Law360 that the Wellmark executive’s disclosure likely fell short of a HIPAA violation but he added, “If my client did this, I would cringe a little bit, and I would rather that they not have done it.”

Leave a Reply

Your email address will not be published. Required fields are marked *