[ Monday, September 24, 2018 ]
Apparently,
2 employees of UMass Memorial Health Care improperly accessed PHI of patients, and UMass has been fined $230,000 by the Massachusetts Attorney General for violating HIPAA. Not a whole lot more information there, but it's interesting for 2 points: it's the state AG enforcing the federal HIPAA statute (along with the state Consumer Protection Act and Data Security Law); and it's yet another example of "employees behaving badly" resulting in a big fine for a covered entity.
Jeff [2:12 PM]
http://www.blogger.com/template-edit.g?blogID=3380636
Blogger: HIPAA Blog - Edit your Template