Idaho Hospice Paying $50,000 For HIPAA Violation


January 7, 2013

A small hospice in North Idaho will have $50,000 less in their annual budget due to having a HIPAA violation fine levied against them for an incident dating back to 2010.

Being hailed as the first ever HIPAA breach settlement involving fewer than 500 patients, the Hospice of North Idaho (HONI) will have to pay the Department of Health and Human Services (HHS) $50,000 stemming from a laptop theft of 441 patient records in June 2010.

In a Healthcare IT article written by Erin McCann, she reported that the HHS Office for Civil Rights conducted a thorough investigation and found that HONI had not conducted adequate risk analysis to safeguard patient health records.

We are almost certain that this sort of judgment passed on a relatively small HIPAA violation will send a message to small healthcare clinics and practices about the importance of safeguarded confidential material and electronic patient records.

Recently, an Indiana-based healthcare facility had 29,000 records compromised from another unencrypted laptop theft. Securing patient records is not a difficult task to undertake when you have the skills of a healthcare or security minded IT consulting company looking after your practice or healthcare organization.

In the Idaho example, HONI did not have policies and procedures in place to address mobile device security as required by the HIPAA security regulations. Since the compromise HONI has taken steps to improve their HIPAA privacy and security compliance program. These after actions steps are sure to have influenced the final penalty.

Brenda Wild, President at HONI said in McCann’s article that they take this incident seriously and have taken measures to ensure the security and privacy of patient information meets HIPAA standards.

The best time to ensure you meet HIPAA standards is well before an incident occurs. HONI will have their name mentioned numerous times online and the $50,000 fine is a small penalty compared to the hit to their reputation and confidence of those they serve.

We would like to help you by ensuring you have all the requirements of HIPAA met. Contact us immediately to book a no obligation review of your security and compliance standards and to have a discussion on what you need to do to prevent this from happening to you.

Call today.

We're Integris. We're always working to empower people through technology.

Keep reading

How the Best IT Companies in Minnesota Support the Hybrid Workforce

How the Best IT Companies in Minnesota Support the Hybrid Workforce

After the initial shutdowns and stay-at-home orders lifted following COVID-19, workers throughout the United States and Minnesota decided that the work-from-home model was here to stay. It makes sense -- working from home offers a lot of convenience to your team – and...

Do I Need To Improve My Endpoint Protection?

Do I Need To Improve My Endpoint Protection?

A compromised endpoint gives hackers everything they need to get a foothold in your security network. Once there, they can steal data and potentially hold it for ransom. That’s why it’s so important for business owners to secure their critical endpoints (including...

Multi-Factor Authentication

Multi-Factor Authentication

Granting access to information is a necessity, as is security for both the user needing access and for the information for which access is being granted. The best way to handle this is by establishing user accounts for users. This does several things at once: Allows...