Tag Archives: CMP

Proposed $6.8M Fine Related to Puerto Rico Breach Incident

Photo of Lynn SessionsBy Lynn Sessions and Kimberly M. Wong on Posted in Data Breaches, HIPAA/HITECH, International Privacy Law, Medical Privacy
Triple-S Salud, Inc. (“Triple-S”), a Puerto Rico Health Insurance Administration (“PRHIA”) contractor, filed a Form 8-K indicating that the PRHIA intended to impose a civil monetary penalty of $6,768,000 and other administrative sanctions stemming from a breach incident affecting 13,336 Dual Eligible Medicare beneficiaries.  The breach incident occurred in September 2013 when Triple-S mailed to … Continue Reading

Record UK Fine Data Breach of Healthcare Information

Photo of Lynn SessionsBy Lynn Sessions on Posted in Data Breaches, Medical Privacy
The United Kingdom’s Information Commissioner’s Office (“ICO”) levied a $499,460 civil monetary penalty (“CMP”) to Brighton and Sussex University Hospitals after discovering staff and patients’ sensitive data contained on hard drives sold on Ebay in late 2010.  The breach reportedly exposed tens of thousands of patients’ health information, including HIV status and treatment, other diagnostic … Continue Reading

HIPAA Bombshells — Major Civil Monetary Penalties Imposed Against Covered Entities for Privacy Violations

Photo of John MulhollanBy John Mulhollan on Posted in Enforcement, HIPAA/HITECH, Medical Privacy
The last week of February 2011 will likely be remembered as a noteworthy milestone in the history of HIPAA privacy enforcement by the Department of Health and Human Services (“HHS”).  Showing that HHS intends to vigorously exercise the expanded civil monetary penalty enforcement provisions enacted in 2009 under the Health Information Technology for Economic and … Continue Reading
LexBlog