The Department of Health and Human Services (HHS) announced the settlement in a press release.
"In addition to the $800,000 resolution amount, the settlement includes a corrective action plan requiring [them] to revise their policies and procedures, train staff, and provide an implementation report to OCR." - HHS press releaseIn addition to the $800,000 payment the healthcare organization must must develop a corrective action plan "to address deficiencies in its HIPAA compliance program," according to the HHS Office for Civil Rights (OCR).
Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.Sources:
(a) $800,000 HIPAA settlement in medical records dumping case - www.hhs.gov, 06/23/2014