HHS Announces Settlement in Small Data Breach

data breachThe HHS’ Office for Civil Rights announced last week the settlement of potential HIPAA violations stemming from a data breach affecting less than 500 individuals.  The Office for Civil Rights noted that this is the first settlement for a breach of this smaller size, though there have been over 60,000 such breaches in less than three years (compared with 525 larger breaches involving 500 or more people).

The Hospice of North Idaho (HONI) reported the theft of an unencrypted laptop computer in June 2010; this laptop contained protected health information (PHI) for 441 patients.  In the course of investigating, the OCR determined that HONI did not have policies or procedures in place to address mobile device security, nor had it conducted a risk analysis to safeguard the protected data.  In a news release announcing the $50,000 settlement agreement with HONI, OCR Director Leon Rodriguez stated, “This action send a strong message to the health care industry that, regardless of size, covered entities must take action and will be held accountable for safeguarding their patients’ health information.”

Data breaches resulting in potential violations of HIPAA security rules are a serious matter and need to be safeguarded against.  Whether you’re using medical billing software like Medisoft or EMR software like Lytec MD, it’s vital that data is kept confidential and safe.  Microwize Technology can help.