Touchstone Medical Imaging (“Touchstone”) has agreed to pay $3,000,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS), and to adopt a corrective action plan to settle potential violations of the Health Insurance Portability and Accountability … [Read more...]
HIPPA Security Risk Assessment Tool has been updated
The Office of the National Coordinator for Health Information Technology (ONC) recognizes that conducting a risk assessment can be a challenging task. That’s why ONC, in collaboration with the HHS Office for Civil Rights (OCR), developed a downloadable Security Risk Assessment (SRA) Tool to help … [Read more...]
Florida contractor physicians’ group shares protected health information with unknown vendor without a business associate agreement
Advanced Care Hospitalists PL (ACH) has agreed to pay $500,000 to the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) and to adopt a substantial corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act … [Read more...]
Another HIPAA physician practice violation to report
Allergy Associates of Hartford, P.C. (Allergy Associates), has agreed to pay $125,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) and to adopt a corrective action plan to settle potential violations of the Health Insurance Portability and … [Read more...]
Recent healthcare data breaches
HealthIT Security reports the following: SSM Health St. Mary’s Hospital in Jefferson City, Missouri, reported to OCR on July 30 that an improper disposal of paper medical records may have resulted in a data breach affecting 301,000 individuals. In a public notice, St. Mary’s Hospital said that … [Read more...]
HIPAA Update on Enforcement
At the 2018 HCCA Compliance Institute HIPAA Policy and Enforcement Update, it was reported that since September 2009 through the end of 2017 there were 2178 reports filed with the HHS OCR involving breaches affecting 500 or more individuals. In addition to large breaches, there were over 300,000 … [Read more...]