UMass Amherst will pay a HIPAA fine after a workstation was infected with a malware program, which resulted in the disclosure of electronic protected health information, according to an article on the Campus Security website.
The settlement includes a corrective action plan and a payment of $650,000.
According to the U.S. Department of Health and Human Services, UMass failed to designate all of its healthcare components when hybridizing, incorrectly determining that while its University Health Services was a covered healthcare component, other components, including the location where the breach of ePHI occurred, were not covered components.
Because UMass failed to designate the location as a healthcare component, UMass did not implement policies and procedures at the center to ensure compliance with the HIPAA Privacy and Security Rules.
Grounding Healthcare Spaces in Hospitality Principles
UC Davis Health Selects Rudolph and Sletten for Central Utility Plant Expansion
Cape Cod Healthcare Opens Upper 2 Floors of Edwin Barbey Patient Care Pavilion
Building Sustainable Healthcare for an Aging Population
Froedtert ThedaCare Announces Opening of ThedaCare Medical Center-Oshkosh