HIPAA Breach Notification Violations Cost Physician Practice $150k

A dermatology practice in Massachusetts has agreed to a $150,000 settlement with HHS for not having procedures in place to fulfill HIPAA's breach notification provisions.

The HHS Office for Civil Rights began investigating Adult & Pediatric Dermatology in Concord, Mass., after receiving a report of a stolen thumb drive containing the protected health information of 2,200 people. The OCR found the practice did not conduct a thorough investigation of the theft in accordance with HIPAA rules and did not comply with the HIPAA Breach Notification Rule.    

This case marks HHS' first settlement with a HIPAA-covered entity for not having proper breach procedures and policies in place.

More Articles on Data Breaches:

Computer Stolen From Inspira Medical Center Vineland
9 Recent Healthcare Data Breaches
Subcontractor Exposes Patient Information From Fairfax County Community Health Care

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


Featured Whitepapers

Featured Webinars