New York-Presbyterian Hospital and Columbia University Medical Center together paid the largest HIPAA settlement of $4.8 million after the electronic protected health information of 6,800 patients ended up on Google back in 2010. To date, HIPAA-covered entities and business associates have paid out nearly $28.2 million to settle HIPAA violations. Cancer Care Group, a radiation oncology practice in Indianapolis, is now reevaluating its privacy and security practices after agreeing to settle HIPAA violations for $750,000.
In August 2012, Cancer Care had a security breach after a laptop and unencrypted server backup media were stolen from an employee's car. The device contained the protected health information, Social Security numbers and insurance data for 55,000 patients. Cancer Care is now updating security policies and developing an enterprise-wide risk management plan to address security risks. This is another cautionary tale that should motivate all healthcare organizations to take the necessary steps to stay in accordance with HIPAA regulations, both to avoid costly settlements and, more importantly, to thoroughly protect sensitive patient data.