Lost Backup Device Costs Medical Practice $750,000

File this story under “HIPAA Horrors.”

A radiation oncology group in Indiana has agreed to pay $750,000 to settle potential HIPAA violations, says HHS. The problem started with a laptop bag stolen from a practice employee’s car three years ago. The laptop itself did not contain ePHI, but the stolen laptop bag also contained a backup device housing names, Social Security numbers, insurance information and other details for 55,000 patients.

So it was an accident, right? Why the huge fine? Back when the laptop was stolen, the practice hadn’t done a HIPAA risk analysis and didn’t have a privacy compliance policy that warned employees not to take devices containing ePHI out of the facility.

Feeling like a HIPAA risk assessment is long overdue at your health care organization? Go here to start solving the problem.

More HIPAA Help via this on-demand webinar:

Fact or Fiction: 12 HIPAA Myths that Threaten the Safety of Your PHI and Payments

Let’s Connect

Drop a line for our sales representative to get in touch with you

  • This field is for validation purposes and should be left unchanged.

Latest Article

images

Contact lens safety: What you need to know

  • 20 Oct 2021

Contact lenses create perfect vision for tens of millions of Americans, but make sure you know the rules for using them correctly According to the U.S. Food and Drug Administration (FDA),...

images

Does your EHR have the right certifications?

  • 18 Oct 2021

Ensure your certifications are correct so you don’t miss out on CMS payments Certification is a big deal when it comes to selecting an electronic health record (EHR) prov...

images

Which states require EPCS?

  • 29 Sep 2021

[vc_row][vc_column][vc_column_text] Electronic Prescriptions for Controlled Substances becoming a standard across the country EPCS is increasingly becoming a standard across the United S...

Download Article

test
test