Idaho State University to Pay HHS $400K to Settle HIPAA Violations

HHS announced that Idaho State University in Pocatello has agreed to pay $400,000 to HHS to settle alleged violations of the Health Insurance Portability and Accountability Act of 1996 Security Rule.

The settlement involved a breach, dating back to 2011, in which the personal health information of approximately 17,500 patients was unsecured for at least 10 months, due to the disabling of firewall protections at ISU's Pocatello (Idaho) Family Medicine Clinic.  

The HHS' Office for Civil Rights launched an investigation after it was notified of the breach and found the university conducted incomplete risk analyses and assessments of its clinics. It also found the university had inadequately identified potential risks and vulnerabilities.

The university has agreed to a comprehensive corrective action plan to address the issues uncovered by the investigation.

More Articles on Settlements:

Parkland Memorial Hospital to Pay $1.4M Settlement to Resolve Fraud Allegations
Whistleblower Wins $2.1M in Case Against Bayonne Medical Center

UMass Memorial Health Care Reaches $2.2M Settlement in Employee Pay Suit

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


Featured Whitepapers

Featured Webinars