[ Friday, September 12, 2014 ]
Huntsville, AL Lab Data Breach:
Jeff [9:57 AM]
A clinical lab in my old hometown of Huntsville, Alabama is notifying patients, since their billing contractor put some of their data on a server that was accessible to Google
searches. They've notified 7,000 patients. Presumably the lab had a business associate agreement with the billing company, and presumably that BAA will require the billing company to pay for the notification.
Is this "willful neglect"? If so, expect a sizeable fine.
Blogger: HIPAA Blog - Edit your Template