HIPAA Blog

[ Thursday, January 02, 2020 ]

 

OCR has fined West Georgia Ambulance $65,000 for a breach involving a lost unencrypted laptop.  Of course, the real reason for the fine is that the company had failed to do a risk analysis and take other basic HIPAA hygiene steps (which, had they done so, might've led them to encrypt the laptop, which would have mooted this entire episode).

Of particular interest here is the relatively small size of the fine; I suspect that West Georgia couldn't afford more, so this probably stings pretty badly.  But that's the point, and I applaud OCR for the apparent reasonableness of the fine.  In my opinion, they should issue more smaller fines, rather than just a few big ones.  That's more likely to get people into compliance.  

Jeff [12:51 PM]

Comments: Post a Comment
http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template