A recent HIPAA enforcement action should serve as a reminder to healthcare organizations of the need to terminate an employee’s access to patients’ electronic protected health information (ePHI) immediately after that employee leaves the organization. The most recent action – the third within a month – involved Pagosa Springs Medical Center in Colorado. The critical…

Read More

Just because a business closes its doors, it doesn’t mean that it no longer is obligated to safeguard patients’ protected health information (PHI), as one company recently learned. Earlier this month, the receiver appointed to liquidate the assets of Filefax, Inc. agreed to pay $100,000 out of the receivership estate to settle potential HIPAA violations.…

Read More