MGH to Pay $1M to Settle 'Potential' HIPAA Violation
The documents were lost when a Mass General employee, while commuting to work, left the documents on the subway. The records have not been recovered.
That investigation "indicated that Mass General failed to implement reasonable, appropriate safeguards to protect the privacy of protected health information when removed from Mass General's premises and impermissibly disclosed protected health information potentially violating provisions of the HIPAA Privacy Rule," the HHS statement said.
The correction plan also directs the hospital's Director of Internal Audit Services of Partners HealthCare System Inc. to serve as an internal monitor that will conduct assessments of Mass General's compliance with the corrective action plan and render semi-annual reports to HHS for a 3-year period."
Cheryl Clark is senior quality editor and California correspondent for HealthLeaders Media. She is a member of the Association of Health Care Journalists.
- Antibiotic Overuse a 'Huge Threat' to Patient Safety, Says CDC
- Consumerism Drives Healthcare Branding, Rebranding Efforts
- 3 Traits Personality Assessments Can't Reveal
- CFO Exchange: Smartphones Poised to Disrupt Healthcare, Says Topol
- PA Ranks See 'Phenomenal Growth,' Lack of Diversity
- CHS Hacked, 4.5M Patient Records Compromised
- Business Roundup: M&A Activity Down Slightly in First Half of 2014
- CFO Exchange: Healthcare Leaders Share 5 Innovative Ideas
- Large Employers Trimming Healthcare Spending
- 3 Things the Ice Bucket Challenge Can Teach Hospital Marketers