A Massachusetts hospital was recently fined $218,000 for allowing employees to use a file-sharing application to store patient information.
St. Elizabeth’s Medical Center entered into an agreement to pay the Office for Civil Rights for possible HIPAA violations. The settlement came from a complaint filed by hospital employees who said the web-based document sharing application stored patient information without proper security controls. The settlement was entered into even though the complaint did not prove that patient information had been viewed or misused.
Doctors many times have to exchange patient information with third parties. However, using a web-based application does not necessarily protect the transfer of information. Instead, the transfer of information should be performed encrypted, by secure file transfer, or in another safe manner.
BAS offers secure file transfer through MyEnroll.com. In addition, all MyEnroll.com data is encrypted both at rest and in transit.