Health Care Provider Subject to HIPAA Fine

Posted by BAS - 03 September, 2020


A small community health service organization was subject to a $25,000 fine and required to enter into a corrective action plan as part of a settlement for a breach of the HIPAA Security Rule. Metropolitan Community Health Services is a federal qualified health center providing discounted medical services to the underserved in rural North Carolina.

The Agreement with the Office for Civil Rights stemmed from a June 2011 breach report identifying the disclosure of protected health information to an unknown email account. The breach related to 1,263 patients. Investigation revealed that Metro did not comply with the Security Rule and didn’t train employees about HIPAA until 2016. The resolution agreement and corrective action plan may be accessed by clicking here.

Topics: MyEnroll360 Security, HR & Benefit Plans, HR & Benefits News, Technology News

Recent Posts

Question of the Week

read more

HIPAA Security Rule Resources

read more

MyEnroll360 Notes

read more