Hospital Fails to Terminate Former Employee’s Access to HIPAA-Protected Data

By The Health Law Offices of Anthony C. Vitale | December 24, 2018
A blue medical symbol with the words hippa compliant underneath.

A recent HIPAA enforcement action should serve as a reminder to healthcare organizations of the need to terminate an employee’s access to patients’ electronic protected health information (ePHI) immediately after that employee leaves the organization. The most recent action – the third within a month – involved Pagosa Springs Medical Center in Colorado. The critical…

Read More

Dumpster Diver Demonstrates Importance of Proper Medical Record Storage and Disposal

By The Health Law Offices of Anthony C. Vitale | March 5, 2018
A drawing of a person in the trash.

Just because a business closes its doors, it doesn’t mean that it no longer is obligated to safeguard patients’ protected health information (PHI), as one company recently learned. Earlier this month, the receiver appointed to liquidate the assets of Filefax, Inc. agreed to pay $100,000 out of the receivership estate to settle potential HIPAA violations.…

Read More

Why You Need a HIPAA-Compliant Business Associate Agreement

By The Health Law Offices of Anthony C. Vitale | May 1, 2017
A man and woman shaking hands over a table.

The recent announcement by The Department of Health and Human Services’ Office for Civil Rights (OCR) that it agreed to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) with The Center for Children’s Digestive Health (CCDH) should serve as a lesson to other healthcare organizations about the need to obtain signed,…

Read More