Mass. AG Levies 750k Judgment on Hospital for Data Breach Massachusetts Attorney General Martha Coakley announced on May 24, 2012 having reached a settlement agreement with South Shore Hospital for failure to protect personal and confidential health information of over 800,000...
Will HIPAA Conviction Appeal Loss Open the “Zhou” Gates? This post is prepared by Christopher Dodson. Readers of this blog are probably familiar with the case of Dr. Huping Zhou, who was successfully prosecuted for violating HIPAA’s privacy protections. Zhou accessed the patient records of...
Cardiac Surgery MD Group Agrees to Pay 0,000 Settlement to HHS for Lack of HIPAA safeguards And the HIPAA money keeps rolling to the feds. The latest settlement (announced today) is with a cardiac surgery physician group in Phoenix, Arizona, which has agreed to pay a hefty sum after someone...
As many of our readers have already heard, on March 13, 2012 HHS announced that Blue Cross Blue Shield of Tennessee entered into a Resolution Agreement for $1.5 Million Dollars to settle potential violations of HIPAA. You can access a copy of the Resolution Agreement here. I find this new case...
State AG Brings First HIPAA Lawsuit Against Business Associate Last month, I posted how treatment of business associates during HIPAA investigations remains unclear as well as assignment of liability for breaches of PHI. A final “omnibus rule” is expected to clarify the HITECH business...
OIG Releases New Fraud and Abuse Advisory Opinion Involving EHR Data Exchange On December 7, 2011, the Office of the Inspector General (OIG) released an Advisory Opinion regarding a proposed coordination service to facilitate the electronic exchange of data for patient referral...
OCR Director Reaffirms Commitment to Strengthening Privacy and Security of EHRs It’s no secret that since the days of its enactment, HIPAA enforcement has been lacking on both civil and criminal fronts from the Office of Civil Rights (OCR) and the Department of Justice (DOJ). However,...
HIPAA Audits Begin November 2011, How Can Covered Entities and Business Associates Prepare? The United States Department of Health and Human Services (HHS) has announced that it will begin HIPAA audits of covered entities and business associates this November 2011, and its contracted...
HIPAA Auditor Responsible for Breach in 2010 In June of 2010, a large healthcare system was informed by its business associate that a breach had occurred, affecting thousands of patients at its hospital. The breach had occurred the previous month when an employee of the business...
UCLAHS Settles Potential HIPAA Violations The HHS OCR has announced its settlement with the University of California Los Angeles Health System (UCLAHS) for potential violations of the HIPAA Privacy and Security Rules. The settlement and resulting Resolution Agreement resolved two...
Doctor Faces Criminal Charges for Wrongful Disclosures under “False Pretenses” Tripping on the heels of the HIPAA criminal charges against Chelsea Catherine Stewart for theft of patient information, (see my previous post on June 14, 2011), a physician was indicted June 21, 2011 on three...
Hospital Theft Leads to HIPAA Criminal Charges An Alabama woman has been slapped with criminal charges in connection with the theft of patient information from Trinity Medical Center in Birmingham, Alabama, as reported by The Birmingham News. Section 1320d-6 imposes criminal penalties...
CVS in the HIPAA Spotlight…Again. On March 7, CVS Caremark (CVS) hit the HIPAA spotlight again, and not in a good way. Back in 2009, CVS was the target of a joint U.S. Department of Health and Human Services (HHS) Offices for Civil Rights (OCR) and Federal Trade Commission (FTC)...
One, Two HIPAA Penalty Punch from HHS and OCR Just as gasps from the 4.3 million dollar penalty OCR assessed against Cignet Health of Maryland started to subside, OCR delivers a whopping 1 million dollar penalty to another hospital — this time to the The General Hospital Corporation and...
4.3 Million Penalty Assessed Under HITECH for HIPAA violations One might say that it looks like HHS and OCR are making up for all those years people have said there has been a lack of enforcement of HIPAA — 4.3 million dollars worth of “making up for lost time” in just one shot…. HHS...