Wills, Trusts & Estates Prof Blog

Editor: Gerry W. Beyer
Texas Tech Univ. School of Law

Monday, September 24, 2012

Hospital Accused of Violating HIPAA and Settles for $1.5 Million

Images-3In 2010, a Doctor's computer containing unencrypted patient data was stolen from Massachusetts Eye and Ear Infirmary and Massachusetts Eye and Ear Associates Inc. (MEEI).  The Department of Health and Human Services Office for Civil Rights (OCR) investigated the incident after the hospital released a data breach report. The investigation found that MEEI failed to take necessary steps to protect patients' information from unauthorized users.

Recently, that hospital has agreed to pay $1.5 million to the federal government to settle allegations that it violated the Health Insurance Portability and Accountability Act (HIPAA) by failing to properly protect patients' protected health information.  The hospital commented that it was disappointed by the size of this settlement, as no patients were harmed in this data breach.  However, in addition to the settlement, MEEI also agreed to a corrective action plan that will review and revise its policies to comply with the Security Rule within HIPAA requirements.  

An incident like this could happen to attorneys if any of their portable devices were stolen. One thing attorneys should take away from this event is to take extra caution in protecting confidential information. 

See Kendra Casey Plank, Massachusetts Hospital Agrees to Pay $1.5M to Settle HIPAA Violation Allegations, Bloomberg BNA, Sept. 19, 2012. 

Special thanks to Brian Cohan (Attorney at Law, Law Offices of Brian J. Cohan, P.C.) for bringing this blog to my attention.


Current Events, Professional Responsibility | Permalink

TrackBack URL for this entry:


Listed below are links to weblogs that reference Hospital Accused of Violating HIPAA and Settles for $1.5 Million:


Post a comment