Health Care Provider Subject to HIPAA Fine

Posted by BAS - 03 September, 2020

header-picture

A small community health service organization was subject to a $25,000 fine and required to enter into a corrective action plan as part of a settlement for a breach of the HIPAA Security Rule. Metropolitan Community Health Services is a federal qualified health center providing discounted medical services to the underserved in rural North Carolina.

The Agreement with the Office for Civil Rights stemmed from a June 2011 breach report identifying the disclosure of protected health information to an unknown email account. The breach related to 1,263 patients. Investigation revealed that Metro did not comply with the Security Rule and didn’t train employees about HIPAA until 2016. The resolution agreement and corrective action plan may be accessed by clicking here.

Topics: MyEnroll360 Security, HR & Benefit Plans, HR & Benefits News, Technology News


Recent Posts

“Wait—Can Ally Really Answer That?” Surprising (But True) Questions Our AI Can Handle

read more

Question of the Week - Missed COBRA Notice

read more

Fraud Prevention in Benefits Administration: Protecting Plans and Participants

read more