Tag: protected health information

Hospital and Vendor Reach Agreement to Settle Alleged HIPAA Violations with Connecticut AG

Last week, the Connecticut Attorney General (the “Connecticut AG”) announced that Hartford Hospital and its subcontractor, EMC Corporation (“EMC”), agreed to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).  The entities will collectively pay a $90,000 penalty and also sign an Assurance of Voluntary Compliance (an […]

St. Elizabeth’s Medical Center Reaches Agreement to Settle Alleged HIPAA Breach

Last week, St. Elizabeth’s Medical Center (SEMC), a hospital located in Brighton, Massachusetts, agreed to settle alleged violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) by paying $218,400 and adopting a robust corrective action plan.

HIPAA FAQ Series: Are Covered Entities and Business Associates Required to Encrypt PHI?

The Health Insurance Portability and Accountability Act (HIPAA) mandates that both Covered Entities and Business Associates protect the security of Protected Health Information (PHI) in a variety of ways.  Specifically, HIPAA’s Security Rule sets forth various technical, administrative, and physical safeguards that must be enacted in order to ensure the […]

HIPAA Breach at Iowa Hospital Chain Highlights the Vulnerability of Electronic Medical Records and the Importance of Internal Audits

Another month, another HIPAA breach.  On October 2, 2013, UnityPoint Health, a large network of hospitals and clinics in Iowa and Illinois, announced that it had discovered a breach of its electronic medical records system and alerted the FBI.  The breach, in which a contractor gained access to the system over the course of […]

Theft of Personal Data of 4 Million Patients in Illinois

On August 23, 2013,  Advocate Medical Group (“AMG”), Illinois’s largest health care network, announced that four computers housing the personal information of over four million patients were stolen in the burglary of an administrative building on July 15, 2013.  Upon discovering the burglary, AMG immediately notified local police, who are […]

HIPAA Settlement Alert: WellPoint, Inc. Agrees to Pay $1.7 Million

On July 11, 2013, WellPoint, Inc. (“WellPoint”) entered into a Resolution Agreement (the “Agreement”) with the U.S. Department of Health and Human Services (“HHS”) to pay $1,700,000 to settle alleged privacy and security violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).  The Agreement does not contain […]