As part of the announcement that Affinity will pay a more than $1.2 settlement for a breach of security, The Health and Human Services Office of Civil Rights says that healthcare organizations need to consider photocopy machines when examining their data security.
According to a Modern Healthcare article, the announcement suggested that all kinds of digital devices, including photocopy machines, need to be reviewed.
Affinity, a managed-care plan serving the New York metropolitan area, will pay the settlement for a breach of personally identifiable health records under the privacy and security protections of the Health Insurance Portability and Accountability Act of 1996.
Affinity reported the breach in April 2010 after learning from CBS News that patient-identifiable health information had been left on one of its copying machines, according to OCR documents. Affinity had sold the machine to a reseller in 2009. The OCR said it thinks Affinity actually sold about seven of its old machines containing member data, compromising confidentiality for more than 300,000 records.
Read the article.
Avoiding Mistakes in Healthcare Site Selection
Can Rural Hospitals Be Saved?
Ascension Saint Thomas Breaks Ground on Hospital and Health Campus in Tennessee
The Hidden Risks of QAC Disinfectants in Healthcare Facilities
Sprinkler Compliance: Navigating Code Mandates, Renovation Triggers and Patient Safety