A Boston hospital had to pay a $100,000 fine for a HIPAA data breach resulting from laptop theft.
In 2012, a laptop was stolen from a doctor who failed to follow the Hospital’s computer encryption policy. The unencrypted laptop contained protected health information of about 4,000 patients and employees.
The hospital did not notify individuals that their information was compromised until more than 60 days after discovery of the incident. The settlement includes a penalty and a $15,000 allotment to educational programs relating to protecting personal health information.
