HIPAA Enforcement is Growing Teeth

By Goosmann Law Team   |  10, December 2015
READ NOW
Read Post

HIPAA Enforcement is Growing Teeth

The Office of Civil Rights, Department of Health and Human Services recently announced fines against two health care providers for failure to properly implement and follow breach policies for electronic protected health information (ePHI).  In September 2015, an Indiana radiation oncology group agreed to pay a $750,000 fine and implement a corrective action plan after it was investigated and found it the 13-physician group failed to conduct an enterprise-wide risk analysis and did not adopt written policies as required under HIPAA regulations on the removal of ePHI from hardware and removable storage devices.  The group self-reported a breach after an employee’s laptop was stolen from a personal vehicle.  The laptop did not contain ePHI, but backup media in the laptop bag contained unencrypted ePHI including social security numbers, names, and addresses for 55,000 former patients. 

In the second investigation, St. Elizabeth’s Medical Center in Brighton, MA, reached a settlement to pay a $218,500 fine after an investigation revealed the Medical Center used an internet-based document sharing application to store documents that contained ePHI of some 498 patients.  The Medical Center also failed to respond to the known security incident, mitigate harmful effects, and document the incident and outcome of its internal review.  In addition, the Medical Center was fined for a second breach involving ePHI for 595 patients that was improperly stored on a former employee’s laptop and USB flash drive.

OCR continues to increase its enforcement efforts across the nation.  As evidenced by these two recent cases, human error continues to be a significant source of HIPAA violations.  The theft of laptops and external storage devices such as flash drives can and do result in significant exposure.  If your health care facility or practice has not adopted written policies and procedures on the proper management and handling of these devices, you are at risk. 

Goosmann Cyber Law Counsel helps companies protect their property, resources, and name. If you are a business owner and need assistance on how to stop visual hacking or for more information on cyber law, contact the Goosmann Law Firm at info@goosmannlaw.com or call (712) 226-4000.

CONTACT US

Subscribe Our Blog

Posts by Topic

DISCLAIMER: The information in this blog post (“post”) is provided for general informational purposes only, and may not reflect the current law in your jurisdiction. By visiting this website, blog, or post you understand that there is no attorney client relationship between you and the Goosmann Law Firm attorneys and website publisher. No information contained in this post should be construed as legal advice from Goosmann Law Firm, PLC, or the individual author, nor is it intended to be a substitute for legal counsel on any subject matter. No reader of this post should act or refrain from acting on the basis of any information included in, or accessible through, this Post without seeking the appropriate legal or other professional advice on the particular facts and circumstances at issue from a lawyer licensed in the recipient’s state, country or other appropriate licensing jurisdiction.

Contact Info

Sioux City Location
P. 712-226-4000
F. (712) 224-4517

Sioux Falls Location
P. (605) 371-2000
F. (605) 275-2039

Omaha Location
P. (402) 280-7648
F. (402) 505-3967

Disclaimer | Privacy Policy

Locations

Sioux City Location
410 5th Street
Sioux City, IA 51101

Sioux Falls Location
5010 S. Minnesota Avenue, Suite 100
Sioux Falls, SD 57108

Omaha Location
Advent Building
17838 Burke Street, Suite 250
Omaha, NE 68118
Goosmann

Goosmann Law Firm is a FULL SERVICE LAW FIRM with locations in Sioux City, Iowa, Sioux Falls, South Dakota, and Omaha, Nebraska. Goosmann Law attorneys are licensed to practice in Iowa, Nebraska, South Dakota, and North Dakota. Their attorney team's practices and industries include but are not limited to Agribusiness and Cooperatives, Banking and Finance, Bankruptcy, Restructuring and Workouts, Business, Construction, Cyber Law and Telecommunications, Divorce and Family Law, Education, Employment, Environmental Health and Safety, Gestational Surrogacy and Adoption, Health Care, Litigation and Trial Law, Manufacturing, Mergers and Acquisitions, Municipal, Nonprofit and Tax Exempt Organizations, Real Estate, and Transportation, Tribal, Wills, Trusts, Estate Planning, and Probate Law.

Goosmann © Copyright 2017