Massachusetts Eye and Ear Infirmary and Massachusetts Eye and Ear Associates, Inc., (MEEI) has agreed to settle with the U.S. Department of Health and Human Services (HHS) for $1.5 million for potential violations of the HIPAA Security Rule. The HHS Office for Civil Rights conducted an investigation after MEEI reported that an unencrypted personal laptop containing sensitive health data was stolen. The investigation found MEEI “failed to take necessary steps to comply with certain requirements of the Security Rule.” In addition to the fine, MEEI will now review, revise and maintain policies and procedures to comply with the rule and will undergo independent compliance assessments for three years. Meanwhile, Lahey Clinic Hospital has alerted patients of a breach.
If you want to comment on this post, you need to login.