The Office of the Maine Attorney General is reviewing whether the city of Portland violated federal and state patient privacy laws when it shared information on 229 patients enrolled in a HIV-positive health care program, The Portland Press Herald reports. City officials maintain that sharing the list of names and contact information with researchers at the University of Southern Maine does not constitute a formal breach of HIPAA since the law contains exemptions for research and program evaluation. An official at USM said researchers were under the assumption that patient consent had been provided for the release of information and that they received the data after guidelines for handling and protecting the information had been established. The report states it is unclear who created and provided the patient list.
If you want to comment on this post, you need to login.