Category Archives: General

$215,000 settlement that started from a report of 7 records

As required by HIPAA (45 CFR §§ 164.400-414), the Skagit County Public Health Department (Washington) reported that the HIPAA-related financial files of seven (7) individuals had been inappropriately accessed after they were moved to a server that permitted access by

Huge Local Government Breach Fine PLUS Sanctions

HIPAA and GINA apply to specific data at rest or in motion in the United States, Puerto Rico, Guam, American Samoa and the US Virgin Islands. As a result of a September 2013 Breach impacting 13,336 individuals, Puerto Rico’s Triple-S

LabMD to close its doors after Breaches

While the authority of Health and Human Services – Office of Civil Rights to enforce privacy and security in undeniable, another federal agency with similar authority appears to be becoming more active in similar enforcement efforts. As a result of

Another Costly and Avoidable Omission

The theft of two laptops with data from AMHC Healthcare, Inc. serves as yet another reminder that protecting PHI at-rest and in-motion REQUIRES current and continuing consideration. The unencrypted laptops are reported to have contained information of 729,000 individuals. At

Advocate Medical Fallout Starts

Although actual damages have not yet been quantified, a CLASS ACTION lawsuit has been filed on behalf of possibly affected individuals. The average settlement to date for class action suits is $2,500 per individual PLUS an average of $1.2 million

Illinois State Attorney is Getting Involved

Remember the story about the theft of the four computers with a total close to 4 million records? All we can say is UH OH. The Illinois State Attorney General is getting involved along with HHS OCR! http://articles.chicagotribune.com/2013-08-28/business/chi-advocate-20130828_1_medical-data-health-information-medical-record-numbers Remember, this

Up to 4 Million Affected by Breach

Advocate Medical Group reported the theft of four UNENCRYPTED computers that were reported as containing names, addresses, dates of birth, Social Security numbers and certain clinical information, such as diagnoses, medical records numbers, medical service codes and health insurance information

Copier Breach settles for $1,215,780 fine PLUS PLUS

CBS purchased a copier previously leased by Affinity Health Plan in New York. An investigative report by CBS News into the transaction was prompted by the discovery that the hard disks inside the copies contained medical information for up to

Staffing-up continues at HHS/OCR

HHS/OCR continues its staffing-up for its enforcement of HIPAA’s 2013 Final Rule. This includes, but is not limited to, another Senior Health Information Privacy Enforcement Specialist. Position: Senior Health Information Privacy Enforcement Specialist GS-301-15 The Office for Civil Rights has

Education – another reminder of its importance

A Miami respiratory therapist has pleaded guilty to identity theft and fraud charges related to a breach involving more than 800 patient records. The South Miami Hospital employee pleaded guilty in district court for the Southern District of Florida on