As part of the announcement that Affinity will pay a more than $1.2 settlement for a breach of security, The Health and Human Services Office of Civil Rights says that healthcare organizations need to consider photocopy machines when examining their data security.
According to a Modern Healthcare article, the announcement suggested that all kinds of digital devices, including photocopy machines, need to be reviewed.
Affinity, a managed-care plan serving the New York metropolitan area, will pay the settlement for a breach of personally identifiable health records under the privacy and security protections of the Health Insurance Portability and Accountability Act of 1996.
Affinity reported the breach in April 2010 after learning from CBS News that patient-identifiable health information had been left on one of its copying machines, according to OCR documents. Affinity had sold the machine to a reseller in 2009. The OCR said it thinks Affinity actually sold about seven of its old machines containing member data, compromising confidentiality for more than 300,000 records.
Read the article.
Why More Facilities are Adding Gender Neutral Restrooms
Massachusetts Hospital Cyberattack Reflects Growing Vulnerability in Healthcare Systems
Novant Health Breaks Ground on Summers Corner Healthcare Hub
Ensuring Successful Capital Project Management
C. auris: A Growing Threat to Healthcare Facilities