September 21, 2012

Massachusetts hospital to pay HIPAA fine

Following the theft of a doctor's unencrypted personal laptop storing data on patients and research subjects, Massachusetts Eye and Ear Infirmary and Massachusetts Eye and Ear Associates (collectively MEEI) have agreed to pay the U.S. Department of Health and Human Services (HHS) $1.5 million to settle potential violations of the Security Rule within the Health Insurance Portability and Accountability Act of 1996 (HIPAA). MEEI was also ordered to follow a new Corrective Action Plan (CAP) to ensure it complies with HIPAA, perform risk assessment, train staff and submit to semi-annual audits for three years. The doctor was travelling abroad in 2010 when his laptop – holding prescriptions and clinical information on around 3,500 patients – was stolen.

Related Articles
Related Topics

More in News

Privacy-bolstering "Apps Act" introduced in House

The bill would provide consumers nationwide with similar protections already enforced by a California law.

Microsoft readies permanent fix for Internet Explorer bug used in energy attacks

Microsoft is prepping a whopper of a security update that will close 33 vulnerabilities, likely including an Internet Explorer (IE) flaw that has been used in targeted website attacks against the U.S. government.

Weakness in Adobe ColdFusion allowed court hackers access to 160K SSNs

Up to 160,000 Social Security numbers and one million driver's license numbers may have been accessed by intruders.