As part of the announcement that Affinity will pay a more than $1.2 settlement for a breach of security, The Health and Human Services Office of Civil Rights says that healthcare organizations need to consider photocopy machines when examining their data security.
According to a Modern Healthcare article, the announcement suggested that all kinds of digital devices, including photocopy machines, need to be reviewed.
Affinity, a managed-care plan serving the New York metropolitan area, will pay the settlement for a breach of personally identifiable health records under the privacy and security protections of the Health Insurance Portability and Accountability Act of 1996.
Affinity reported the breach in April 2010 after learning from CBS News that patient-identifiable health information had been left on one of its copying machines, according to OCR documents. Affinity had sold the machine to a reseller in 2009. The OCR said it thinks Affinity actually sold about seven of its old machines containing member data, compromising confidentiality for more than 300,000 records.
Read the article.
Case Study: How NYU Langone Rebuilt for Resilience After Superstorm Sandy
Frederick Health Hospital Faces 5 Lawsuits Following Ransomware Attack
Arkansas Methodist Medical Center and Baptist Memorial Health Care to Merge
Ground Broken on Intermountain Saratoga Springs Multi-Specialty Clinic
Electrical Fire Tests Resilience of Massachusetts Hospital