The U.S. Office for Civil Rights announced the Department of Health and Human Services and Sentara Hospitals have agreed to a settlement of $2.175 million for Sentara’s alleged violations of the Health Insurance Portability and Accountability Act Breach Notification and Privacy Rules. The fine is a result of improper data breach notifications and Sentara's repeated failure to notify OCR after the discovery of the data breaches were first made in 2017. Sentara has 12 acute care hospitals and more than 300 health care sites throughout Virginia and North Carolina. The settlement comes two months after OCR fined Jackson Health System $2.15 million for HIPAA violations.
If you want to comment on this post, you need to login.