HIPAA Update – Advocate Health Care, a Single entity, settles HIPAA Penalties for $5.55 Million

Post 11 of 87

Advocate Health Care Network, the largest fully-integrated health care system in Illinois, agreed to the largest HIPAA Settlement to be paid by a single entity for potential penalties in the amount of $5.55M. The alleged long term non-compliance resulting in this settlement included four failures to comply with HIPAA including:

  1. failure to adequately conduct risk assessments,
  2. failure to limit physical access to ePHI,
  3. failure to obtain Business Associate Agreements, and
  4. failure to safeguard an unencrypted laptop from an unlocked car overnight.

This settlement demonstrates just how seriously the Office for Civil Rights takes HIPAA compliance. Risk assessments, physical security, business associate agreements, and safeguarding laptops and other portable mobile devices are not optional. Covered Entities and their Business Associates need to take heed and take the necessary steps to ensure compliance with HIPAA.  Read more in the official press release.

By Denise Bloch

Denise Bloch

Print Friendly

, , , , , , , , , , , , , , , , , , ,


St. Louis  |  Clayton  |   Kansas City


Alton  |  Carbondale  |  Edwardsville  |  O'Fallon

The information on this website is for general information purposes only. Nothing on this site should be taken as legal advice for any individual case or situation.
This information is not intended to create, and receipt or viewing does not constitute, an attorney-client relationship. © 2014 Sandberg Phoenix & von Gontard P.C. All Rights Reserved.