MGH to Pay $1M to Settle 'Potential' HIPAA Violation
The documents were lost when a Mass General employee, while commuting to work, left the documents on the subway. The records have not been recovered.
That investigation "indicated that Mass General failed to implement reasonable, appropriate safeguards to protect the privacy of protected health information when removed from Mass General's premises and impermissibly disclosed protected health information potentially violating provisions of the HIPAA Privacy Rule," the HHS statement said.
The correction plan also directs the hospital's Director of Internal Audit Services of Partners HealthCare System Inc. to serve as an internal monitor that will conduct assessments of Mass General's compliance with the corrective action plan and render semi-annual reports to HHS for a 3-year period."
Cheryl Clark is senior quality editor and California correspondent for HealthLeaders Media. She is a member of the Association of Health Care Journalists.
- Senators Hear How Two-Midnight Rule Harms Patients, Hospitals
- 3 Management Lessons from a Supermarket Debacle
- Medicare Advantage Carriers See 'No Choice' But to Accept Cuts
- Physicians to Appeal 'Docs v. Glocks' Ruling in FL
- IOM Identifies GME Problems, Calls for Finance Changes
- Handshaking Spreads Germs. Get Over It.
- Healthcare Costs Start With What We Eat
- Revenue Cycles Get a Boost from Simple JPEG Files
- Hospitals Likely to Outsource ICD-10 at Launch
- Anatomy of 3 Health System Rebranding Efforts