First HIPAA Settlement with County Government

more+
less-
more+
less-

On March 6, 2014, the Department of Health and Human Services’ Office for Civil Rights settled potential HIPAA violations with the Skagit County Public Health Department in Washington State for $215,000. Initially, OCR’s investigation focused on potential access of seven individuals’ ePHI on a public County server, which included ePHI related to infectious disease testing and treatment. The investigation later revealed ePHI of approximately 1,600 individuals to be at issue. The settlement not only addresses the improper access, but also the County’s failure to issue proper breach notices and to maintain adequate security measures, going back to as early as 2005. This first settlement with a county government clearly emphasizes the importance of HIPAA compliance in both the private and public sector, and not only in the area of breach reporting, but in maintaining and enforcing proactive policies and procedures.

Topics:  Data Protection, EHR, Healthcare, HIPAA, PHI, Settlement

Published In: Health Updates, Privacy Updates, Science, Computers & Technology Updates

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Ober|Kaler | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »