Michael J. Kline writes: My partner Elizabeth Litten was quoted at length by Alexis Kateifides in his recent article in DataGuidance entitled “USA: ‘Unique’ HIPAA violation results in $800,000 settlement.” While the full text can be found in the June 26, 2014 article in DataGuidance.com, the following considerations are based upon points discussed in the… Continue Reading
Covered entities and business associates should be aware of tools being used by the federal Office of Civil Rights and State Attorneys General to deter and catch HIPAA privacy and security breaches that may be similar to the red light cameras designed to deter and catch traffic violations.
As reported by Ben Keller at DataGuidance.com., Indiana Attorney General Greg Zoeller announced, on July 5, 2011, that health insurer WellPoint Inc. has agreed to pay $100,000 for a data breach that occurred between October 2009 and March 2010.
Last week for the first time, the Office for Civil Rights of HHS reported exacting heavy financial obligations from (i) Cignet Health on February 22, 2011, with a $4.3 million civil monetary penalty assessment for violations of the HIPAA Privacy Rule, and (ii) Massachusetts General Hospital on February 24, 2011, for a settlement that includes a payment to the U.S. government of $1,000,000 for potential violations of HIPAA.
On January 18, 2011, the office of Attorney General William Sorrell of Vermont announced in a press release that it had settled a lawsuit against Health Net, Inc., involving an alleged PHI security breach, by means of a consent decree which requires court approval.