Latest HIPAA Violation Affects Phoenix Based Practice

Posted on by Frank J. Rosello

On April 19, 2012 the HHS Office for Civil Rights (OCR) reported that a Phoenix based cardiology practice has agreed to pay HHS a $100,000 settlement for violations of the HIPAA Privacy and Security Rules.

What is alarming about this particular case is that a protected health information (PHI) breach was not the reason for this violation. The key driver of this HIPAA violation involved the physician  practice posting clinical and surgical appointments for its patients on an Internet-based calendar that was not secured thus publicly available. And to add insult to injury, the OCR investigation also found that the practice had implemented few policies and procedures to comply with the HIPAA rules and it had limited safeguards in place to protect patients’ PHI.

Also See: Five Best Practices For Medical Organizations To Protect Against PHI Breaches

The compliance shortfalls that this Phoenix based practice experienced reflects the global challenge and opportunity most medical practices and organizations face today in complying with HIPAA Privacy and Security Rules.  One effective way for medical organizations to effectively minimize their risk of HIPAA violations is to seriously consider partnering with an outside Health IT firm that can provide support and expertise to address any and all compliance gaps. Far too often, internal IT professionals are so focused on day-to-day operations and solving computer / network related problems, that developing and managing  HIPAA compliance and security processes and routines falls below their radar. Having an outside Health IT partner offers medical organizations an unbiased fresh set of eyes to evaluate vulnerabilities and mitigate any and all security risks across the entire enterprise.

Leon Rodriguez, director of OCR said, “We hope that healthcare providers pay careful attention to this resolution agreement and understand that the HIPAA Privacy and Security Rules have been in place for many years, and OCR expects full compliance no matter the size of a covered entity.”

Click here: Phoenix practice to pay $100,000 to settle HIPAA case to get all the details surrounding this case.

Frank J. Rosello

is CEO & Co-Founder of Environmental Intelligence LLC.

Environmental Intelligence, LLC, is a complete, full-service healthcare IT solution provider. With a team having more than 10 years of proven clinical expertise in delivering end-to-end health IT solutions, Environmental Intelligence provides medical practices and facilities onsite expert IT consulting, installation, and implementation that is focused on physicians, their patients, and the quality of their care.

Contact us to learn more about our Physician Focused – Patient Driven® approach to Health IT.

Incoming search terms:

  • Recent HIPAA Violation Cases 2015
  • recent hipaa violations in the news
  • Recent Hipaa Violations
  • Recent HIPAA Violations 2016
  • Recent HIPAA Violation Cases 2016

Leave a Reply

Follow GOEILLC on LinkedIn Follow GOEILLC on Twitter