[ Monday, September 24, 2018 ]
Jeff [2:12 PM]
Apparently, 2 employees of UMass Memorial Health Care
improperly accessed PHI of patients, and UMass has been fined $230,000 by the Massachusetts Attorney General for violating HIPAA. Not a whole lot more information there, but it's interesting for 2 points: it's the state AG enforcing the federal HIPAA statute (along with the state Consumer Protection Act and Data Security Law); and it's yet another example of "employees behaving badly" resulting in a big fine for a covered entity.
Blogger: HIPAA Blog - Edit your Template