HomeCompliance Update → HIPAA Violation Results in $4.3M Fine for Cancer Center

HIPAA Violation Results in $4.3M Fine for Cancer Center Print E-mail
Written by Vitale Health Law   
Tuesday, 03 July 2018 12:16
If you haven’t taken stringent measures to protect patient privacy, this recent ruling from a U.S. Department of Health and Human Services Administrative Law Judge might spur you into action.
The ALJ ruled that University of Texas MD Anderson Cancer Center violated HIPAA Privacy and Security Rules and granted summary judgment to the Office for Civil Rights (OCR) requiring the institution to pay $4.3 million in civil money penalties. This was just the second summary judgment victory in OCR’s history of HIPAA enforcement and the $4.3 million is the fourth largest amount ever awarded to OCR by an ALJ or secured in a settlement for HIPAA violations, according to OCR.

The ruling grew out of an investigation conducted by OCR following three separate data breach reports in 2012-13 involving the theft of an unencrypted laptop from the home of an MD Anderson employee, along with the loss of two unencrypted USB thumb drives that contained the personal health information of more than 33,500 patients.
Last Updated on Tuesday, 03 July 2018 12:22

Website design, development, and hosting provided by