The U.S. Department of Health and Human Services has announced the largest fine to date related to a HIPAA data breach. The fine, totaling $4.8 million, was levied against two entities as part of two affiliated entities that had shared patient information. The breach involved a physician inadvertently taking down a firewall that had protected patient health information. As the result of the loss of the firewall, 6,800 patients’ data was available on the internet.
The breach demonstrates that practices need to be aware not only of missing laptops and snooping employees, but ensuring technical compliance throughout the organization. More information on this case, can be found here: Data Breach Results in $4.8 Million HIPAA Settlements
For more information on how to protect your practice, contact a member of our Health Law team.