HIPAA violations cost county $215K

March 10, 2014 in Medical Technology

In the first settlement of its kind, Skagit County, Washington will pay the Department of Health and Human Services $215,000 to make up for deficiencies in its HIPAA compliance program.

HHS’s Office for Civil Rights launched an investigation of Skagit County after a breach report showed money receipts with electronic protected health information of seven people had been accessed after the PHI had been inadvertently moved to a publicly accessible server maintained by the county.

The inquiry revealed an even broader exposure of PHI — one that affected 1,581 individuals, according to HHS officials. Many of the accessible files involved sensitive information, including information about the testing and treatment of infectious diseases.

[See also: OCR: 'Pay attention to details'.]

Beyond those findings, OCR uncovered Skagit County’s “general and widespread non-compliance” with HIPAA privacy, security and breach notification rules, officials say.

“This case marks the first settlement with a county government and sends a strong message about the importance of HIPAA compliance to local and county governments, regardless of size,” said Susan McAndrew, deputy director of health information privacy at OCR. “These agencies need to adopt a meaningful compliance program to ensure the privacy and security of patients’ information.”

[See also: Lawyer offers tips for HIPAA compliance.]

Skagit County is located in Northwest Washington and is home to approximately 118,000 residents. The Skagit County Public Health Department provides services to many individuals who would otherwise not be able to afford healthcare.

County officials continue to cooperate with OCR through a corrective action plan to ensure it has written policies and procedures, documentation requirements, training and other measures to comply with the HIPAA, say HHS officials. The corrective action plan requires Skagit County to provide regular status reports to OCR.

Read the full resolution agreement here.

Be the first to like.
VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Article source: http://www.healthcareitnews.com/news/hipaa-violations-cost-county-215k

Be Sociable, Share!
Bookmark and Share

Leave a reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>