The health and human service department of the country is now ready for the defrayal of 2.2 million dollars. The reason behind this issue is to take care of the disobedience of health insurance accountability act of the year 1996. This settlement is related to the exposure of the information of various patients. The number of people affected by this disclosure may be 2, 209. It is said that a usb device was present in the information technology department and then it was lost the very same day. That device possessed the data related to the patients. It includes their full names, date of birth as well as their social identity numbers. The data present on the device was not locked by the pin code nor was the data kept coded.
Many areas of disobedience with HIPAA directions exposed
Throughout the whole inquiry, the investigators found many other problems which were practiced in the company. For instance: 45 C.F.R. 164.502(1) Forbidden exposure of the various patients present in the database. 5 C.F.R. 164.308: This shows the disaster that caused the whole issue and the failure to learn about the potential data leakage risks. To understand the liabilities of integrity, confidentiality as well as the lack of presence of proper measures to meet these risks.
Here, the data coding is the issue which has been highlighted by the HIPAA. On the other hand, the company should take measures to assess all the probable risks to their data. A full and comprehensive assessment is necessary to avoid such accidents. In addition to that, a report should be submitted in which the reasons for this disobedience and ignorance would be mentioned.
Most recent settlements by HIPAA:
The OCR has implemented many new rules of HIPAA in the past few years. In 2016, almost twelve health care companies disobeyed the rules and regulations of HIPPAA. Then, HIPAA charged them with huge monetary fines. In the last week, the OCR has made another declaration for the penalty of 475, 000 dollars. This is for the disobedience of the rules set by HIPAA