According to a labor source with knowledge of the negotiations, some lawmakers expressed concern that if the five-year delay of the tax was applied to health care plans in the Federal Employees Health Benefits Program, it would appear to be a conflict of interest. Members of Congress are enrolled in FEHBP as employees of the federal government.I don't buy that explanation because the Senate bill, thanks to Senator Chuck Grassley, would transfer all members of Congress and their staff members from the FEHB Program to the health insurance exchanges. Bye bye conflict of interest. More likely it's all about the Benjamins due to the FEHB Program's size.
Unfortunately, there were reports about three erroneous disclosures of unsecured protected health information by various health insurers:
- The State of Connecticut exercised its new right under the HITech Act by filing a HIPAA enforcement lawsuit against Health Net of Connecticut, Inc., "for failing to secure private patient medical records and financial information involving 446,000 Connecticut enrollees and promptly notify consumers endangered by the security breach."
- Blue Cross Blue Shield of Tennessee announced that
In October 2009, 57 hard drives containing audio and video files related to coordination of care and eligibility telephone calls from providers and members were stolen from a leased facility in Chattanooga that formerly housed a BlueCross BlueShield of Tennessee call center. The video files were images from computer screens of BlueCross customer service representatives and the audio files were recorded phone conversations from January 1, 2007 to October 2, 2009.
The files contained BlueCross members’ personal data and protected health information that was encoded but not encrypted, including:
- Members’ names and BlueCross ID numbers
- In some recordings – but not all – diagnostic information, date of birth and/or a Social Security number
BlueCross immediately investigated the theft and continues to work closely with local and federal authorities in their investigation of this crime. In addition, BlueCross hired Kroll, a global leader in security services, to conduct an independent assessment of its system-wide security and has taken several actions to strengthen these protocols.
According to the announcement, BCBST is complying with all the notice requirements of the recent HHS regulation governing erroneous disclosures of unsecured protected health information. The Chattanooga Free Times Express reports that "The data was encoded in such a way that it would be hard for anyone who obtained a stolen hard drive to view it, company spokeswoman Mary Thompson said."
- Finally Kaiser Permanente announced "a storage device with personal information for about 15,500 members in Northern California was stolen from an employee's car last month, the San Francisco Chronicle reports." California Healthline reports that
Kaiser officials said there is no evidence that information on the storage device has been used inappropriately (San Francisco Chronicle, 1/13).Kristin Chambers, Kaiser's vice president for compliance and privacy, said that members have been notified (Calvan, Sacramento Bee, 1/13)