Hospice of North Idaho has agreed to pay the U.S. Department of Health and Human Services (HHS) $50,000 to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). This is the first settlement involving a breach impacting fewer than 500 people, according to an article in Campus Security magazine.
An investigation into the breach began after the hospice reported an unencrypted laptop that held health information for 441 patients had been stolen in June 2010. The HHS Office for Civil Rights determined the hospice had not taken the steps to create policies for mobile device security required for HIPAA compliance, according to Campus Security.
In an effort to prevent these types of breaches, HHS has launched a new program offering tips to healthcare providers on ways to protect patient health information when using mobile devices such as laptops and smartphones. For more information on the program, visit HealthIT.gov.
ISSA Introduces Healthcare Platform to Advance Safer, Cleaner Patient Environments
Third-Party Tracking Settlement is a Compliance Wake-Up Call for Healthcare Facilities Managers
ECU Health Behavioral Health Hospital Hosts Ribbon-Cutting Ceremony for New Facility
Aspire Rural Health System Reports Data Security Incident
Fatal Flaws: Strategies for Active Attackers