Archive for December 2018
Hospital Fails to Terminate Former Employee’s Access to HIPAA-Protected Data
A recent HIPAA enforcement action should serve as a reminder to healthcare organizations of the need to terminate an employee’s access to patients’ electronic protected health information (ePHI) immediately after that employee leaves the organization. The most recent action – the third within a month – involved Pagosa Springs Medical Center in Colorado. The critical…
Read MoreWatchdog Report: Nearly $3B Recovered From Providers
Fighting healthcare fraud remains among the priorities for the U.S. Department of Health and Human Services Office of the Inspector General as evidenced by its most recent semiannual report to Congress. The watchdog organization reported recovering $2.91 billion from providers in fiscal year 2018. It took criminal actions against 764 individuals or healthcare providers that…
Read MoreFailure to Have Business Associates Agreement in Place Proves Costly
A medical group practice based in Lakeland, Fla. must pay $500,000 to settle potential HIPAA violations and adopt a substantial corrective action plan after a data breach that could have affected more than 9,000 patients was discovered. According to the Office for Civil Rights of the U.S. Department of Health and Human Services, between November…
Read MoreAllergy Center’s HIPAA Fine Nothing to Sneeze at
A Connecticut healthcare provider recently learned it’s better not to comment in public about a patient, even if that patient has disclosed his or her own protected health information (PHI) to others. The incident involved Allergy Associates of Hartford, a provider specializing in the treatment of patients with allergies. The patient called a local television…
Read More