Utah physician agrees to $100K HIPAA violations settlement

Steven Porter, MD, a gastroenterologist in Ogden, Utah, has agreed to pay HHS’ Office for Civil Rights $100,000 to settle a potential HIPAA violation, according to a March 3 news release from HHS. 

The OCR began investigating Dr. Porter’s practice after he filed a notice of a data breach due to a dispute with a business associate. After an investigation, the OCR determined that Dr. Porter failed to conduct a risk analysis when the breach was reported. 

Additionally, although Dr. Porter had significant technical assistance through the investigation, he never implemented security measures sufficient to reduce risks and vulnerabilities. 

“All healthcare providers, large and small, need to take their HIPAA obligations seriously,” said OCR Director Roger Severino. “The failure to implement basic HIPAA requirements, such as an accurate and thorough risk analysis and risk management plan, continues to be an unacceptable and disturbing trend within the healthcare industry.” 

Along with paying $100,000, Dr. Porter agreed to complete a corrective action plan, which includes two years of monitoring. 

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


Featured Whitepapers

Featured Webinars