Another HIPAA settlement – this time for $1.5 million for the theft of an unencrypted personal laptop with patient information on it. This theft was self-reported as a breach by the covered entity, Massachusetts Eye and Ear, Inc., which spawned an investigation by the Department of Health and Human Services (“HHS”). The HHS ultimately determined that the covered entity had failed to conduct an adequate risk analysis of portable electronic devices and implement appropriate security measures for those devices, violating the HIPAA Security Rule.
The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.