St. Elizabeth's Medical Center will pay $218,400 in a settlement with the federal government for failing to comply with rules to safeguard private patient information. The Brighton hospital, owned by Steward Health Care System, also must adopt a "robust corrective action plan" to comply with federal laws in the future, the US Department of Health and Human Services said in a statement. The settlement concerns violations of the Health Insurance Portability and Accountability Act, commonly known as HIPAA, which regulates the privacy and security of patient information. It comes after federal regulators investigated a 2012 complaint that employees at St. Elizabeth's used an Internet-based document sharing program to store health information of at least 498 patients.
