News & Views

Breaking Benefits News

$1.5 Million HIPAA Violation.

Another HIPAA settlement – this time for $1.5 million for the theft of an unencrypted personal laptop with patient information on it. This theft was self-reported as a breach by the covered entity, Massachusetts Eye and Ear, Inc., which spawned an investigation by  the Department of Health and Human Services (“HHS”). The HHS ultimately determined that the covered entity had failed to conduct an adequate risk analysis of portable electronic devices and implement appropriate security measures for those devices, violating the HIPAA Security Rule.

Printable PDF