MGH to Pay $1M to Settle 'Potential' HIPAA Violation
The documents were lost when a Mass General employee, while commuting to work, left the documents on the subway. The records have not been recovered.
That investigation "indicated that Mass General failed to implement reasonable, appropriate safeguards to protect the privacy of protected health information when removed from Mass General's premises and impermissibly disclosed protected health information potentially violating provisions of the HIPAA Privacy Rule," the HHS statement said.
The correction plan also directs the hospital's Director of Internal Audit Services of Partners HealthCare System Inc. to serve as an internal monitor that will conduct assessments of Mass General's compliance with the corrective action plan and render semi-annual reports to HHS for a 3-year period."
Cheryl Clark is senior quality editor and California correspondent for HealthLeaders Media. She is a member of the Association of Health Care Journalists.
- Resisting the Healthcare Consolidation Frenzy
- Give Nurses in Wheelchairs a Chance
- HL20: George Halvorson—Expectations for Success
- 3 Better Ways to Market Bariatric Surgery
- Top 3 Health Plan Game Changers of 2013
- New G-Codes to Pay Doctors for Broad Array of Non-Face-to-Face Care
- AMCs React to Being Shut Out of Some Exchange Plans
- MGMA Urges 'End-to-End' ICD-10 Testing
- Q&A: Ardis Dee Hoven 'Optimistic' SGR Will Be Repealed
- MUCking Around for New Quality Measures