A medical practice in Phoenix sent patient data over insecure email and was fined $100,000. Be aware of HIPAA requirements. Disclosing PHI to third parties who do not have access rights. Phoenix Cardiac Surgery posted a patient’s appointment on an online calendar and paid $100,000. Releasing information without authorization. Affinity Health Plan paid $1.2 million after failing to erase the photocopier drives before returning them to the leasing company. A Walgreens in Indiana breached a single patient’s privacy and paid her $1.44 million. Failing to train employees in HIPAA compliance. A pediatric practice in Massachusetts lost a flash drive and settled for a $150,000 fine. Loss or theft of devices containing personal health information (PHI). The Massachusetts Eye and Ear Infirmary failed to encrypt physicians’ laptops, which led to a $1.5 million fine. WellPoint didn’t secure an online health database and paid $1.7 million.

Fines reach up to $50,000 US dollars per occurrence. Larger healthcare organizations – hospitals and insurance companies – have in-house information technology teams, but smaller businesses don’t have the same depth of IT help on hand. HIPAA is an acronym for the Health Insurance Portability and Accountability Act, which has very specific rules and regulations around a patient’s health information. HIPAA compliance continues to be a real challenge for small and midsized businesses. Let’s address the (ahem …) hippo in the room.