SAN News Bites: Vol. 10, Num. 57; 7/22/2008
--Seattle Home Healthcare Co. Agrees to Pay US $100,000 to Settle HIPAA Violations (July 18, 2008) Providence Health & Services of Seattle, a home health care services company, has paid US $100,000 to resolve complaints about breaches of information privacy and security rules. The company will also make changes to its policies and procedures to guard against similar incidents. Providence acknowledges that laptop computers, disks and tapes that held patient health records were taken from employees' cars five times in 2005 and 2006. The information on the devices is covered by the Health Insurance Portability and Accountability Act (HIPAA).
Providence notified affected patients and the Department of Health and Human Services (HHS). More than 30 patients filed complaints with HHS.
The US $100,000 payment is the outcome of a HHS investigation and precludes the need to impose a civil penalty.
http://www.govhealthit.com/online/news/350464-1.html
http://www.hhs.gov/ocr/privacy/enforcement/agreement.pdf
[Editor's Note (Ullrich): Some healthcare providers are watching closely to see whether the fines make it worthwhile for them to pay more attention to HIPAA. I am not sure $100,000 is enough to will do the trick.]
No comments:
Post a Comment