Blog Layout

Record $5.5 million HIPAA penalty doled out

Detangle IT • September 5, 2016
Record $5.5 million HIPAA penalty doled out

2016September5_HealthcareArticles_AIf your organization hosts data regulated by the US government, you're familiar with the scare tactics used to sell hosting services. But what lurks behind those vague threats of expensive lawsuits and unfair liability burdens? HIPAA is nearly 100 pages long and few providers actually know what it requires. Unfortunately, it took a massive breach of healthcare-record data to give us a clearer picture, but let’s take a closer look at what we can glean from the incident.

As the largest fully integrated healthcare system in Illinois, Advocate Health Care Network’s mismanagement of electronic medical records (EMR) came as quite a shock. Regardless of your feelings on such a sizable provider being unable to maintain secure EMRs, what can’t be argued is the precedent set by last month’s $5.5-million settlement.

How exactly did it come to such a historic penalty? The answer is threefold. Firstly, Advocate failed to perform the risk assessments mandated by HIPAA regulations -- an oversight that could have potentially prevented the other two infractions. Secondly, Chicago’s premier healthcare network failed to obtain proper written agreements with each of the business partners who had access to its data, which may have gone unnoticed if one of its associates had not been the subject of a security breach.

The final infraction, and arguably the most directly relevant to Advocate’s internal security policies, was the unsatisfactory safeguards in place on two stolen laptops with confidential medical information. While the breach of its business partner’s network only put 2,000 EMRs at risk, the stolen computers had access to almost 4 million.

So, if you’re tired of vague platitudes about ‘penalties for lax data compliance’ or the ‘liability risks of mediocre security,’ this is your answer: inadequate preventative measures, unfit business partners, and poor internal security protocols can spell millions in damages. Unfortunately, this isn’t just an aberrant case -- the total punitive damages for HIPAA noncompliance in 2015 totaled $6.2 million; after just over eight months into 2016, they currently stand at $20.3 million.

Keep your company’s name off the growing list of companies that didn’t have suitable systems in place when it mattered most. Our EMR management practices provide a full suite of care for your data records; from prevention to end-point security, your information is safe with us. Our proficiency in the healthcare IT industry spans a wide variety of experiences and know-how. Contact us today. We’d love to tell you all about it.

Fileless malware: The invisible threat

By Detangle IT July 20, 2020
Scanning the files you download is not enough to detect malware these days. Hackers have found a clever way to get around antivirus and anti-malware software by using fileless malware. Since this malware is not as visible as traditional malware, it can infect your entire infrastructure without you even knowing. Let’s take a closer look […]

How to tell if your Mac is compromised

By Detangle IT July 15, 2020
Viruses and malware creators are out to attack anyone and everyone, including Mac users. Despite Apple’s robust macOS that makes it difficult to attack Macs, cybercriminals are finding ways to identify and exploit vulnerabilities. Read on to find out which threats you should protect your Mac against, as well as signs that your computer has […]

Top tips for making your website look awesome

By Detangle IT July 3, 2020
Like people, websites also need to be dressed for success. Here’s how you can make yours look impressive and have visitors eager to do business with you. Make a statement with professional photographs Before site visitors read what’s on your website, they assess it by checking out your images. A picture is indeed worth a […]
SHOW MORE
Share by: