It’s an old picture anyways, who knows where it comes from at this point. If the original person hasn’t somehow got in trouble already, deleting this one won’t do much, so just smile and wave boys, smile and wave
I see this sort of thing all the time and it genuinely baffles me how people won’t cover up the entirety of the text they’re trying to censor. I’ve even seen people go over text with multiple passes of a transparent brush (which you can almost see through by squinting, let alone if you pulled it into a photo editor). Like, why?
Idk I’m not a pharmacist, but I do work in biotech and have access to systems with PHI. All I’m saying is I treat this whole area with an abundance of caution.
And rightfully so! I would personally be too paranoid to even take a picture of a screen that had PHI, even if it was out of frame. However based on what is in the photo, nothing needed to be redacted from a HIPAA standpoint.
Which is precisely my point - if I were so motivated, I could suss that out. Or do a partial/fragmentary OCR match on valid addresses in Ohio that align with possible zip code matches and narrow it down to a relatively small potential target set of addresses and individuals.
It’s not about motivation. It’s about “is it feasibly possible to actually identify a person from this partially-obscured PHI”. But also, who the fuck knows if they’re going to care about enforcing PHI and HIPAA laws now 🫠
lol
But also, you should obscure that PHI more completely, just to be cautious.
It’s an old picture anyways, who knows where it comes from at this point. If the original person hasn’t somehow got in trouble already, deleting this one won’t do much, so just smile and wave boys, smile and wave
I see this sort of thing all the time and it genuinely baffles me how people won’t cover up the entirety of the text they’re trying to censor. I’ve even seen people go over text with multiple passes of a transparent brush (which you can almost see through by squinting, let alone if you pulled it into a photo editor). Like, why?
That’s the prescriber’s information. It says DEA, NPI, then the address, and probably phone number. None of that is HIPAA protected.
Idk I’m not a pharmacist, but I do work in biotech and have access to systems with PHI. All I’m saying is I treat this whole area with an abundance of caution.
And rightfully so! I would personally be too paranoid to even take a picture of a screen that had PHI, even if it was out of frame. However based on what is in the photo, nothing needed to be redacted from a HIPAA standpoint.
Whatever that top number may be, it’s very readable I just don’t wanna right now.
Which is precisely my point - if I were so motivated, I could suss that out. Or do a partial/fragmentary OCR match on valid addresses in Ohio that align with possible zip code matches and narrow it down to a relatively small potential target set of addresses and individuals.
To target some random dude that received a silly prescription? Why go through all the effort when you could just pick a random residential address?
It’s not about motivation. It’s about “is it feasibly possible to actually identify a person from this partially-obscured PHI”. But also, who the fuck knows if they’re going to care about enforcing PHI and HIPAA laws now 🫠
my medical records were intentionally leaked a few times. HHS did jack fucking shit.