Thursday, September 10, 2015

Small MD Practice Fined $750K for HIPAA Privacy Violations

A group practice of 13 oncologists has agreed to pay a $750,000 fine to the Health and Human Services department (HHS) for potential HIPAA privacy violations.

In addition to paying $750,000 the Indiana practice will adopt a robust corrective action plan to correct deficiencies in its HIPAA compliance program. According to Office of Civil Rights director Joceyln Samuels, "Organizations must complete a comprehensive risk analysis and establish strong policies and procedures to protect patients’ health information."

"$750,000 HIPAA settlement emphasizes the importance of risk analysis."
- OCR Director Jocelyn Samuels
Part of a comprehensive risk assessment is controlling access to personal health information (PHI). In addition to preventive controls strong detective controls are key to protecting PHI. Organizations can proactively detect inappropriate access and data theft, even by authorized users, by utilizing SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) HSS Privacy Enforcement Cancer Care Group, P.C. - www.HHS.gov, 09/02/2015

No comments:

Popular Posts

Copyright © 2010-2017 by Veriphyr Incorporated, All Rights Reserved.

Contact us at Veriphyr.com.