HIPAA Fines, Mobile Devices and Risk Assessments: Follow the Steps or Pay the Price
By Lance O. Leider, J.D., The Health Law Firm
Two separate entities have agreed to pay the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) $1,975,220 in fines collectively. The settlements resolve potential violations of the Health Insurance Portability and Accountability Act (HIPAA) privacy and security rules involving stolen, unencrypted laptops. These two actions shine a light on the significant risk unencrypted laptops and other mobile devices pose to the security of patient information.
To read the press release from the HHS OCR, published on April 22, 2014, click here.
Concentra Received Risk Assessments, But Did Not Act on Findings.
According to the OCR, an investigation of Concentra Health Services, a subsidiary of Humana, was conducted after a laptop was stolen from a Missouri physician therapy center. This investigation revealed that Concentra had previously received […]