[ Tuesday, July 31, 2012 ]
Accretive settles for $2.5 million
, and agrees not to do business in Minnesota. No admission of wrongdoing, naturally.UPDATE: here's the AG's site
. Note that the entire episode started with a stolen laptop. That is, in fact, a potential HIPAA breach, depending on whether it would have been reasonable to more closely protect the laptop, to not put sensitive data on a laptop, to encrypt the data on the laptop if it was going mobile, etc. It is likely a data breach, even if it's not a HIPAA breach. However, make no mistake: the ugliness of this case has nothing to do with HIPAA. If Accretive did anything egregiously wrong, it was in violating debt collection laws, not in violating HIPAA. Also keep in mind that the debts Accretive was collecting were real debts, regardless of the personal plights of the debtors.
Hat tip: Theresa Defino
Jeff [11:35 AM]
Blogger: HIPAA Blog - Edit your Template