data breach

Photocopiers and HIPAA – Health Plan Settles with HHS for $1.2 Million

Posted on August 15, 2013

Posted in Audit and Compliance, HIPAA and Privacy, Hospitals and Health Care Facilities, Information Technology and EMR, Insurance and Managed Care, Long Term Care, Home Health and DME, Physicians and Other Licensed Professionals, Regulatory Issues

Is your office photocopy machine a HIPAA time-bomb? Affinity Health Plan recently learned that the answer is yes, to the tune of a $1.2 million settlement with the US Department of Health and Human Services Office for Civil Rights (OCR). Affinity is a not-for-profit managed care organization which includes one of the New York metropolitan…

New Breach Notification Requirements Released

Posted on January 25, 2013

Posted in Audit and Compliance, HIPAA and Privacy, Regulatory Issues

The US Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) released final rules on January 17, 2013 governing the privacy and security of protected health information under HIPAA and the HITECH Act. The new rules take effect March 26, 2013; compliance is expected by September 23, 2013. This post will focus…

First HHS Settlement for Small HIPAA Breach

Posted on January 3, 2013

Posted in Audit and Compliance, HIPAA and Privacy, Hospitals and Health Care Facilities, Information Technology and EMR, Long Term Care, Home Health and DME, Physicians and Other Licensed Professionals

On January 2, 2013, the US Department of Health and Human Services announced a $50,000 settlement with Hospice of North Idaho for a data breach involving the theft of a lost, unencrypted laptop computer containing the health information of 441 patients.

This settlement is the first for a reported breach affecting fewer than 500 individuals. …