[ Monday, September 24, 2018 ]


Apparently, 2 employees of UMass Memorial Health Care improperly accessed PHI of patients, and UMass has been fined $230,000 by the Massachusetts Attorney General for violating HIPAA.  Not a whole lot more information there, but it's interesting for 2 points: it's the state AG enforcing the federal HIPAA statute (along with the state Consumer Protection Act and Data Security Law); and it's yet another example of "employees behaving badly" resulting in a big fine for a covered entity.

Jeff [2:12 PM]

Comments: Post a Comment
http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template