Archive for the Data Breach Category

Indiana Medical Records Service Pays $100,000 to Settle HIPAA Breach

23rd May 2019 Medical Informatics Engineering, Inc. (MIE) has paid $100,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services, and has agreed take corrective action to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy

Read more

New HHS Fact Sheet on Direct Liability of Business Associates under HIPAA

24th May 2019 The HHS Office for Civil Rights (OCR) has issued a new fact sheet that provides a clear compilation of all provisions through which a business associate can be held directly liable for compliance with certain requirements of the HIPAA Privacy, Security, Breach Notification, and

Read more

Tennessee diagnostic medical imaging services company pays $3,000,000 to settle breach exposing over 300,000 patients’ protected health information

May 6, 2019 Touchstone Medical Imaging (“Touchstone”) has agreed to pay $3,000,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS), and to adopt a corrective action plan to settle potential violations of the Health Insurance Portability and Accountability

Read more

Colorado hospital failed to terminate former employee’s access to ePHI

Colorado hospital failed to terminate former employee’s access to ePHI

Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security rules requires all healthcare covered entities and their business associates to conduct security risk analysis of their IT infrastructure annually and with any change in process or system. As part of HIPAA rules, all covered entities and their business associates are required to have proper procedure in place to terminate any employees.
Pagosa Springs Medical Center (PSMC) has agreed to pay $111,400 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services and to adopt a substantial corrective action plan to settle potential HIPAA violations

Read more

Florida contractor physicians’ group shares protected health information with unknown vendor without a business associate agreement

December 8,2018 – Advanced Care Hospitalists PL (ACH) has agreed to pay $500,000 to the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) and to adopt a substantial corrective action plan to settle potential violations of the Health Insurance Portability

Read more

HIPAA Compliance 2016 Year in Review

Planning for the upcoming year is a chance to review the main developments in Healthcare IT HPAA Compliance from 2016 that will affect providers, business associates, and patients. Priorities remain to uphold confidentiality, integrity, and availability of patient data, factoring in the latest proceedings in technological and

Read more