On Dec. 5, 2018, the Office for Civil Rights (OCR) of the U. S. Department of Health and Human Services (HHS) announced that Advanced Care Hospitalists PL (ACH) had entered into a $500,000 settlement and resolution agreement (RA) resulting from OCR’s investigation of ACH’s breach notification on April 11, 2014, and subsequent supplemental notification. On … Continue Reading
Throughout 2013, HHS OCR has stated that covered entities of all sizes need to give priority to securing ePHI. In addition, HHS OCR has recommended that covered entities identify and mitigate risks before an incident occurs. HHS OCR’s enforcement activity during 2013 has focused on covered entities large and small. To end 2013, HHS OCR … Continue Reading
BlueCross BlueShield of Tennessee (BCBST) was the victim of a theft in 2009 when an intruder stole 57 hard drives which contained protected health information (PHI) of more than 1 million customers. The information on the hard drives included names, Social Security Numbers, diagnosis codes, dates of birth, and health plan identification numbers. Reports suggest … Continue Reading
