Posts Tagged ‘HIPAA’
OCR Settles With Five Providers Over HIPAA Right of Access Claims
The HHS Office of Civil Rights (OCR) recently announced the settlement of five more investigations into violations of the HIPAA requirement that patients be given access to their electronic medical records in a timely manner and at a reasonable cost. As we first wrote about last year, OCR launched its Right of Access Initiative in…
Read MoreOCR Cracking Down on Providers Who Violate HIPAA’s Right of Access Requirement
HIPAA Violations Result in More Than Fines: Beware of Jail Time
Late last month, the U.S. Department of Justice announced that a 62-year-old woman would be spending a year behind bars after being convicted of disclosing the health information of two people “with the intent to cause them embarrassment and mental distress.†Linda Sue Kalina worked from March 7, 2016 through June 23, 2017 as a…
Read MoreOCR Fact Sheet Clarifies BA Liability Under HIPAA
The U.S. Department of Health and Human Services Office for Civil Rights recently issued a new fact sheet on the Direct Liability of Business Associates under HIPAA. The release of the fact sheet immediately followed a settlement agreement with a business associate relating to a data breach that occurred in 2015 when hackers used a…
Read MoreHHS Makes Changes to HIPAA Civil Monetary Penalty Caps
The U.S. Department of Health and Human Services (HHS) has issued a notification that it is changing the way it applies the assessment of Civil Money Penalties (CMPs) against those who violate the Health Insurance Portability and Accountability Act of 1996 (HIPAA), as amended by the Health Information Technology for Economic and Clinical Health (“HITECHâ€)…
Read MoreHospital Employees Fired for Celebrity Snooping
You’ve heard the saying “curiosity killed the cat,†well in the case of dozens of hospital employees, curiosity may have killed their careers. Earlier this month, Chicago’s Northwestern Memorial Hospital fired dozens of employees who allegedly accessed the medical records of actor Jussie Smollett without authorization, according to numerous published reports. The Empire actor was…
Read MoreHIPAA Enforcement tops $28M in 2018
If it seems as if HIPAA violations were in the news more often than ever last year, that may be because 2018 saw an all-time record year in HIPAA enforcement activity. There were 10 cases settled and one judgement secured by the Office of Civil Rights (OCR) of the U.S. Department of Health and Human…
Read MoreHospital Fails to Terminate Former Employee’s Access to HIPAA-Protected Data
A recent HIPAA enforcement action should serve as a reminder to healthcare organizations of the need to terminate an employee’s access to patients’ electronic protected health information (ePHI) immediately after that employee leaves the organization. The most recent action – the third within a month – involved Pagosa Springs Medical Center in Colorado. The critical…
Read MoreFailure to Have Business Associates Agreement in Place Proves Costly
A medical group practice based in Lakeland, Fla. must pay $500,000 to settle potential HIPAA violations and adopt a substantial corrective action plan after a data breach that could have affected more than 9,000 patients was discovered. According to the Office for Civil Rights of the U.S. Department of Health and Human Services, between November…
Read MoreAllergy Center’s HIPAA Fine Nothing to Sneeze at
A Connecticut healthcare provider recently learned it’s better not to comment in public about a patient, even if that patient has disclosed his or her own protected health information (PHI) to others. The incident involved Allergy Associates of Hartford, a provider specializing in the treatment of patients with allergies. The patient called a local television…
Read More