As many of our readers have already heard, on March 13, 2012 HHS announced that Blue Cross Blue Shield of Tennessee entered into a Resolution Agreement for $1.5 Million Dollars to settle potential violations of HIPAA. You can access a copy of the Resolution Agreement here. I find this new case...
Feb 29th is Last Day to Report Breaches of <500 to HHS! For those that have been logging their “small” Breaches (i.e., less than 500 individuals affected) and waiting to report them to HHS at the end of the year, next Wednesday, February 29th is the LAST day to get your information entered into...
HIPAA Auditor Responsible for Breach in 2010 In June of 2010, a large healthcare system was informed by its business associate that a breach had occurred, affecting thousands of patients at its hospital. The breach had occurred the previous month when an employee of the business...
Spartanburg Breach Affects 400,000…But They’re Not Telling According to the Office for Civil Rights (OCR) webpage listing breaches of PHI over 500, a theft affecting an originally unreleased number of patients turned out to have impacted approximately 4,000 patients…times 100. You’d...
Hospital Theft Leads to HIPAA Criminal Charges An Alabama woman has been slapped with criminal charges in connection with the theft of patient information from Trinity Medical Center in Birmingham, Alabama, as reported by The Birmingham News. Section 1320d-6 imposes criminal penalties...
Class Action Sought for Charleston Area Medical Center Breach Patients affected by a West Virginia hospital breach that went undetected for several months are seeking certification as a class action as reported by Health Data Management. Five of the approximately 3,655 affected...
Just When You Think the Breach is Over, the Lawsuit Comes On November 16th, a class of plaintiffs sued AvMed for a massive breach that resulted in their personal information being put at risk. In December of 2009, unencrypted laptop computers were stolen from an AvMed facility in...
Oh where, Oh where has the Security Breach Rule gone? Today, I was going to draft a follow up article to my previous post to address whether notification was required under the Security Breach Notification Rule. However, when I sat down to begin typing, I discovered that the Breach Rule...
Aetna “forgets” file cabinet full of patient information A reminder to all covered entities out there that may be considering selling their business – don’t forget your file cabinet!! (or computers .. or disks … or seemingly “empty” boxes where PHI may be lurking.....well, you get the...