Insurer, OCR Reach $1.5M Settlement for HIPAA Breach
In a statement released to HCPro, Inc., BCBS said the settlement covers the 2009 theft of 57 hard drives from a data storage closet at a former BlueCross call center located in Chattanooga. The hard drives contained audio and video recordings related to customer service telephone calls from providers and members, and included "varying degrees" of personal information on about 1 million members.
To date, there is no indication of any misuse of personal data from the stolen hard drives, according to BCBS.
"Since the theft, we have worked diligently to restore the trust of our members by demonstrating our full commitment to limiting their risks from this misdeed and making significant investments to ensure their information is safe at all times," said Tena Roberson, deputy general counsel and chief privacy officer for BlueCross. "We appreciate working with HHS, the Office of Civil Rights and CMS and specifically their guidance on administrative, physical and technical standards throughout this process."
Leon Rodriguez, OCR director, said the settlement tells covered entities and business associates to "have in place a carefully designed, delivered, and monitored HIPAA compliance program. The HITECH Breach Notification Rule is an important enforcement tool and OCR will continue to vigorously protect patients' right to private and secure health information."
- MU Compliance Announcement Sparks Concern, Confusion
- New G-Codes to Pay Doctors for Broad Array of Non-Face-to-Face Care
- Scary Financial Challenges for 2014
- MGMA Urges 'End-to-End' ICD-10 Testing
- 1 in 5 CT Screenings for Lung Cancer Results in Overdiagnosis
- Telehealth Improves Patient Care in ICUs
- CMS Sets 2014 Pay Rates for Hospital Outpatient and Physician Services
- LifePoint Bolsters Presence in Michigan's Upper Peninsula
- States Rejecting Medicaid Expansion Forgo Billions in Federal Funds
- Douglas Hawthorne—A Chance to Do Something Big