Physician Group to Pay $750,000 to Settle a HIPAA Violation

Posted by J. Nicole Martin on September 03, 2015
HHS, HIPAA, OCR

In August 2012, a Physician Group—comprising of nearly 20 physicians—reported its HIPAA breach to HHS, which resulted from a laptop bag containing the employee’s laptop and a computer server backup being stolen from an employee’s car in July 2012. According to the Resolution Agreement between HHS and the Physician Group, the laptop did not contain ePHI, but the portable, unencrypted server backup in the employee’s bag did. The backup contained ePHI for 55,000 individuals. To settle this matter, the Physician Group has agreed to pay $750,000.

Although stolen laptops and lack of encryption is nothing new in the world of HIPAA breaches, this situation stands out for a few reasons:

  •  The Physician Group did not conduct “an accurate and thorough” risk assessment;
  •  The significance of encryption extends not only to desktop computers and laptops, but also to portable devices, including but not limited to computer server backups; and
  • This is a notable fine for a Physician Group of less than 20 physicians.

For more information regarding this incident and HIPAA compliance, including the importance of encryption and risk assessments, contact J. Nicole Martin or any member of Cozen O’Connor’s healthcare law team.

 

 

J. Nicole Martin

J. Nicole Martin

Nicole assists accountable care organizations, health care systems, long term care providers (e.g., skilled nursing facilities, continuing care retirement communities), behavioral and mental health providers, medical device manufacturers, physician practices, and pharmacies with their compliance, regulatory, and transactional needs. Nicole’s practice includes providing clients with counsel regarding telehealth laws, HIPAA/HITECH and state privacy and security laws, data breaches, business associate and covered entity obligations, licensure laws, Medicare, Medicaid and third-party payer matters, medical staff issues, and fraud and abuse laws.

More Posts - Website

Tags: , , , , , , ,

Leave a Reply

Your email address will not be published. Required fields are marked *