Hospital Fails to Terminate Former Employee’s Access to HIPAA-Protected Data

A blue medical symbol with the words hippa compliant underneath.

A recent HIPAA enforcement action should serve as a reminder to healthcare organizations of the need to terminate an employee’s access to patients’ electronic protected health information (ePHI) immediately after that employee leaves the organization. The most recent action – the third within a month – involved Pagosa Springs Medical Center in Colorado. The critical…

Read More

Dumpster Diver Demonstrates Importance of Proper Medical Record Storage and Disposal

A drawing of a person in the trash.

Just because a business closes its doors, it doesn’t mean that it no longer is obligated to safeguard patients’ protected health information (PHI), as one company recently learned. Earlier this month, the receiver appointed to liquidate the assets of Filefax, Inc. agreed to pay $100,000 out of the receivership estate to settle potential HIPAA violations.…

Read More