Massachusetts hospital to pay HIPAA fine

Following the theft of a doctor's unencrypted personal laptop storing data on patients and research subjects, Massachusetts Eye and Ear Infirmary and Massachusetts Eye and Ear Associates (collectively MEEI) have agreed to pay the U.S. Department of Health and Human Services (HHS) $1.5 million to settle potential violations of the Security Rule within the Health Insurance Portability and Accountability Act of 1996 (HIPAA). MEEI was also ordered to follow a new Corrective Action Plan (CAP) to ensure it complies with HIPAA, perform a risk assessment, train staff and submit to semi-annual audits for three years. The doctor was travelling abroad in 2010 when his laptop – holding prescriptions and clinical information on around 3,500 patients – was stolen.
