$1.2 Million Settlement Agreement Announced for HIPAA Charges Involving Leased Photocopiers

more+
less-

The Department of Health and Human Services announced on August 14, 2013, that it entered into a settlement agreement with Affinity Health Plan, Inc. (Affinity) resolving allegations that Affinity violated the Health Insurance Portability and Accountability Act (HIPAA).  In 2010, as required by the Health Information Technology for Economic and Clinical Health Act, Affinity reported a data breach involving protected health information (PHI) on leased photocopiers.  Affinity had failed to properly erase the hard drives of its leased photocopiers before returning them to the supplier, resulting in the disclosure of the PHI of 344,579 individuals. 

In addition to a $1.2 million payment to the federal government, the settlement agreement also required Affinity to enter into a corrective action plan to secure PHI by retrieving the photocopier hard drives it previously used, conduct a risk analysis, and revise its PHI containment policies and procedures as necessary.  The settlement agreement, available here, serves as a reminder that not only does HIPAA require confidential treatment of PHI, but also the ongoing analysis of security risks and implementation of policies to secure PHI.  To assist businesses in developing such policies, the Federal Trade Commission has issued a guide regarding the secure treatment of information stored on photocopier hard drives, available here.  

Reporter, Paige Fillingame, Houston, +1 713 615 7632, pfillingame@kslaw.com

Topics:  Data Breach, Data Protection, HHS, HIPAA, Office Equipment, PHI, Settlement

Published In: Health Updates, Privacy Updates, Science, Computers & Technology Updates

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© King & Spalding | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »