Memorial Healthcare System, of Hollywood, Florida, has settled with the U.S. Department of Health and Human Services for $5.5 million following a HIPAA violation. It must also institute "a robust corrective action plan." While Memorial did have access control policies in place, a former employee of an affiliated physician's office was still able to access protected health information repeatedly, without detection, for a year, affecting 80,000 individuals. Acting HHS Office for Civil Rights Director Robinsue Frohboese said the settlement shows "organizations must implement audit controls and review audit logs regularly." Editor's Note: IAPP members can get tools, guidance and insight on HIPAA in the IAPP Resource Center.
Full Story
Comments
If you want to comment on this post, you need to login.