HIPAA Violations

For only the second time in its history, OCR has ordered a HIPAA-covered entity to pay civil monetary penalties for HIPAA violations. Lincare Inc., is required to pay $239,800 for violations of the HIPAA Privacy Rule which were discovered during the investigation of a complaint about a breach of 278 patient records. The Privacy Rule…

Wisconsin-based health insurer, Centene Corporation, has announced the loss of six unencrypted computer hard drives containing the protected health information of approximately 950,000 of its members. The hard drives were being used for a project to improve the health outcomes of plan members. The individuals impacted by the security breach had all received laboratory services…

University of Washington Medicine has agreed to settle with the Department of Health and Human Services’ Office for Civil Rights, and will pay a HIPAA fine of $750,000 for potential HIPAA violations stemming from a 90,000-record data breach suffered in 2013 Flurry of HIPAA Enforcement Activity as 2015 Draws to a Close There has been…

The U.S. Women’s World Cup Soccer champions toured NYC celebrating their historic win, and were treated to a shower of confetti, some of which appeared to be made from medical prescription records. One local resident noticed the confetti contained writing and upon closer inspection, realized it was Protected Health Information. The confetti was photographed and…

The mega data breaches to hit large insurers and healthcare providers have been making the headlines in recent months; however the Department of Health and Human Services’ Office for Civil Rights (OCR) showed yesterday that even smaller healthcare providers must abide by HIPAA Rules or face the consequences. Yesterday, the OCR issued a statement on…

According to a Monday WCCO-TV news report, a nurse employed by Minnesota Blue Cross Blue Shield stands accused of illegally accessing a state database containing the prescription drug records of approximately 1 million state residents. The database – administered by the Minnesota Board of Pharmacy – contains names, addresses and prescription records and was set…

The Medical College of Wisconsin has issued a statement announcing a data breach that has affected approximately 400 of its patients. WDJT Milwaukee, an affiliate of CBS, was contacted on Feb 28, 2015 by a spokesperson for the Medical College of Wisconsin detailing a data breach which exposed some confidential information of its patients. The…

TYLER, TEXAS – A former employee of an East Texas hospital has been sentenced to federal prison for criminal HIPAA violations in the Eastern District of Texas, announced U.S. Attorney John M. Bales. Joshua Hippler, 30, formerly of Longview, Texas, pleaded guilty on Aug. 28, 2014, to wrongful disclosure of individually identifiable health information and…

California prosecutors have reached a $9.87 million settlement with the grocery store chain Safeway for improperly disposing of pharmacy records and hazardous waste in dumpsters. The patient records contained private and confidential medical information and should have been destroyed or rendered unreadable according to California’s Confidentiality of Medical Information Act and the Health Insurance Portability…