Tag archive: hipaa

Sidestepping Encryption? Better Be Ready To Pay Millions for HIPAA Violations

Earlier this week, the University of Texas MD Anderson Cancer Center was ordered to pay a staggering $4,348,000.00 in order to resolve HIPAA violations from data breaches occurring in 2011, 2012, and 2013. The extremity of the penalties is explained by the fact that the data breaches were completely preventable. Generally, covered entities and business…

HIPAA Update – Newest Settlement of $475,000 Results From Untimely Breach Report

Don’t let your clients get caught paying a “big” settlement for failing to report a HIPAA breach! For the first time, the Office of Civil Rights (OCR) has announced a HIPAA settlement with a provider who failed to provide a timely breach report. Presence Health, a health network serving Illinois with approximately 150 locations, including…

HIPAA Update – Advocate Health Care, a Single entity, settles HIPAA Penalties for $5.55 Million

Advocate Health Care Network, the largest fully-integrated health care system in Illinois, agreed to the largest HIPAA Settlement to be paid by a single entity for potential penalties in the amount of $5.55M. The alleged long term non-compliance resulting in this settlement included four failures to comply with HIPAA including: failure to adequately conduct risk…

Triple-S to Pay $3.5 Million Plus Adopt a Robust Corrective Action Plan

Office of Civil Rights (OCR) Director Jocelyn Samuels has made it clear that the “OCR remains committed to strong enforcement of the HIPAA Rules.” The latest settlement announced on 11/30/15 concerning Triple-S, an insurance holding company offering a wide range of insurance products and services, demonstrates just how committed the OCR is when it comes…

Happy HIPAA Thursday – Paper Records Count too!

Just ask Cornell Prescription Pharmacy about disposal of unshredded paper pharmacy records containing protected health information (PHI), and you will hear that this pharmacy paid $125,000 plus it has entered a Resolution Agreement with the OCR.  Not only is this pharmacy paying a significant penalty, it will be under a corrective action plan to correct…

Phase 2 HIPAA Audits Are Coming, Now Is The Time To Get Ready

In 2011-2012, the U.S. Department of Health and Human Services Office for Civil Rights conducted a pilot audit program (Phase 1) to evaluate covered entities compliance with HIPAA privacy, security and breach notification rules. The results of those audits…

Covered Entity Alert – HIPAA BAA Compliance Deadline is 9-23-14

The Omnibus Final Rule (Final Rule) under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) was issued in January 2013 and became effective on March 26, 2013 with a general compliance date of September 23, 2013. However, Covered Entities were given additional time to get their pre-Final Rule Business Associate Agreements (BAAs) in…

Happy HIPAA Monday – Stolen Laptop + No Encryption = Provider Data Breach

Cedars-Sinai Medical Center in LA reported a stolen employee laptop containing patient protected health information as well as social security numbers and other personal information of at least 500 patients. While the hospital has encryption policies, this laptop lacked encryption after a recent operating system upgrade. The hospital will mail letters this week to potentially…

Happy HIPAA update: OCR getting new Director

Based on reports that HHS Secretary Sylvia Mathews Burwell appointed Joceyln Samuels to replace Leon Rodriguez, it appears Office for Civil Rights (OCR) has the new leadership it has been awaiting. With this new leadership at the helm, can HIPAA audits be far off? Probably not. Iliana Peters, OCR’s senior advisor for HIPAA compliance and…

Happy HIPAA Monday – $800,000 Reason to Take HIPAA Seriously

Today, the HHS Press office released notice of a settlement of $800,000 with Parkview Health System, Inc. (Parkview) for potential HIPAA violations. This settlement relates to a complaint going back to September 2008, when Parkview received between 5,000-8,000 patient records from a retiring physician. Parkview received the medical records as part of the physician’s transition…

MISSOURI

St. Louis  |  Clayton  |   Kansas City

ILLINOIS

Alton  |  Carbondale  |  Edwardsville  |  O'Fallon

The information on this website is for general information purposes only. Nothing on this site should be taken as legal advice for any individual case or situation.
This information is not intended to create, and receipt or viewing does not constitute, an attorney-client relationship. © 2014 Sandberg Phoenix & von Gontard P.C. All Rights Reserved.

Menu