The owner of four clinics in Maryland has been fined $4.3 million for HIPAA privacy rule violations that involved failing to provide 41 patients with access to their medical records and then failing to cooperate with federal investigators.
The federal list of major health information breaches included 240 incidents affecting 6.5 million individuals as of Thursday. But that number soon could grow substantially as a result of incidents that made headlines this week.
Some 1.7 million individuals are being notified of a health information breach incident involving data from The New York City Health and Hospitals Corp. It's the largest breach reported so far under the HITECH Act breach notification rule.
The University of Iowa Hospitals and Clinics is firing three employees and giving two others five-day unpaid suspensions because they inappropriately accessed the electronic health records of 13 student-athletes.
In the second major healthcare hacking attempt reported to federal authorities in recent weeks, a Tampa practice has notified 156,000 individuals that a hacker accessed a server containing its practice management system, which stores patient information.
Implementing electronic health records software that includes security components is just the first of many steps involved in ensuring security, says Bonnie Cassidy, president of the American Health Information Management Association.
Clinics applying for HITECH Act electronic health records incentive payments are getting a reminder about the importance of information security, says Robert Tennant of the Medical Group Management Association