Tag: Health Insurance Portability and Accountability Act

St. Elizabeth’s Medical Center Reaches Agreement to Settle Alleged HIPAA Breach

Last week, St. Elizabeth’s Medical Center (SEMC), a hospital located in Brighton, Massachusetts, agreed to settle alleged violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) by paying $218,400 and adopting a robust corrective action plan.

Beth Israel To Pay $100,000 for Massachusetts Health Information Breach

Beth Israel Deaconess Medical Center (Beth Israel) reached a settlement with the Massachusetts Attorney General’s Office for a data breach in which a physically unsecured laptop was stolen containing personal and protected health information of nearly 4,000 patients and employees.  In May 2012, a physician’s laptop was stolen from his desk at […]

Connecticut Court Holds HIPAA Does Not Preempt Common Law Claim for Breach of Confidentiality

The Connecticut Supreme Court held that the federal Health Insurance Portability and Accountability Act (HIPAA) does not bar individuals from bringing negligence and emotional distress claims under state common law for breach of confidentiality against medical providers who unlawfully exposed their protected health information (PHI).  In an opinion released this […]

Lawmakers Call to Clarify HHS’ Mobile Medical App Regulation

The mobile medical application marketplace has developed into a $68 billion industry; however, the U.S. Department of Health and Human Services (HHS) has not yet updated guidance regarding the Health Insurance Portability and Accountability Act’s (HIPAA) application to app developers that collect and use sensitive personal data. In response to […]

HIPAA Breach at Iowa Hospital Chain Highlights the Vulnerability of Electronic Medical Records and the Importance of Internal Audits

Another month, another HIPAA breach.  On October 2, 2013, UnityPoint Health, a large network of hospitals and clinics in Iowa and Illinois, announced that it had discovered a breach of its electronic medical records system and alerted the FBI.  The breach, in which a contractor gained access to the system over the course of […]

September 23, 2013: What It Means for HIPAA Business Associate Agreements

September 23, 2013 is rapidly approaching, and Covered Entities and Business Associates must comply with the requirements of the HIPAA Omnibus Rule by this date. Among the tasks facing Covered Entities and Business Associates seeking to meet Omnibus Rule requirements, they must ensure that their Business Associate Agreements (“BAAs”) comply […]

HIPAA Settlement Alert: WellPoint, Inc. Agrees to Pay $1.7 Million

On July 11, 2013, WellPoint, Inc. (“WellPoint”) entered into a Resolution Agreement (the “Agreement”) with the U.S. Department of Health and Human Services (“HHS”) to pay $1,700,000 to settle alleged privacy and security violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).  The Agreement does not contain […]