[ Friday, September 12, 2014 ]


Huntsville, AL Lab Data Breach: A clinical lab in my old hometown of Huntsville, Alabama is notifying patients, since their billing contractor put some of their data on a server that was accessible to Google searches.  They've notified 7,000 patients.  Presumably the lab had a business associate agreement with the billing company, and presumably that BAA will require the billing company to pay for the notification.

Is this "willful neglect"?  If so, expect a sizeable fine.

Jeff [9:57 AM]

Comments: Post a Comment
http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template