Korunda Medical, a Naples, Fla.-based primary care and interventional pain management provider, agreed to pay $85,000 for violating the Right of Access rule. The office began investigating Korunda in March after receiving a complaint from a patient that the medical center failed to forward their health records in an electronic format to a third party.
After receiving the complaint, the office provided Korunda with technical assistance to correct the matter and closed the complaint. But Korunda still did not provide the requested records, which resulted in another complaint to the federal office.
Under the new HIPAA rule, healthcare providers must release medical records to patients within 30 days of their request and can only charge a reasonable, cost-based fee. The civil rights office announced its first settlement under the initiative in September with Bayfront Health St. Petersburg (Fla).
In addition to the financial settlement, Korunda will undergo a corrective action plan, which includes one year of monitoring by the civil rights office.
More articles on cybersecurity:
Wyoming hospitals hit by cyberattacks almost daily, state hospital association says
Illinois hospital warns 1,400 patients of data breach
Ascension Ventures, HITRUST & more form data security coalition
At the Becker's 11th Annual IT + Revenue Cycle Conference: The Future of AI & Digital Health, taking place September 14–17 in Chicago, healthcare executives and digital leaders from across the country will come together to explore how AI, interoperability, cybersecurity, and revenue cycle innovation are transforming care delivery, strengthening financial performance, and driving the next era of digital health. Apply for complimentary registration now.
