HHS and Covered Entity Agree to HIPAA Corrective Action Plan; $100,000 Penalty
The U.S. Department of Health and Human Services ("HHS") recently entered into a Resolution Agreement with Providence Health & Services ("Providence") of Seattle to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 ("HIPAA") Privacy and Security Rules. Under the Resolution Agreement, Providence agrees to pay $100,000 and implement a corrective action plan to insure that identifiable electronic patient information is appropriately safeguarded. Additionally, Providence has agreed to revise its policies and procedures regarding physical and technical safeguards governing the offsite transport and storage of electronic media containing patient information; train its workforce members on such safeguards; conduct audits and site visits of its facilities; and submit compliance reports to HHS for a period of three years. The Resolution Agreement relates to the loss of electronic backup media and laptop computers in 2005 and 2006.
For additional information, please see the HHS Press Release and the full text of the Resolution Agreement.
Paul Welk
412-594-5536
pwelk@tuckerlaw.com
|
Posted By Michael Cassidy In HIPAA
|
0 Comments |
Permalink
HHS Office for Civil Rights Issues Guidance on Communicating with A Patient's Family, Friends, and Others Involved in the Patient's Care
The U. S. Department of Health and Human Services Office for Civil Rights recently issued helpful guidance for health care providers relative to communicating with a patient's family, friends or others involved in the patient's care. The guidance contains a number of commonly asked HIPAA questions as well as a helpful chart relative to disclosures. This guidance, along with a well drafted HIPAA Compliance Plan, can assist health care providers in complying with the requirements of the HIPAA Privacy Rule.
Paul Welk
412-594-5536
pwelk@tuckerlaw.com
|
Posted By Michael Cassidy In HIPAA
|
0 Comments |
Permalink