Tag: HIPAA fines


States Enact Even Tougher Breach Notification Laws than Federal HIPAA Requirements

Starting September 1, 2018, Colorado’s new Protections For Consumers Data Privacy law will require organizations to notify victims of breaches containing personal information within 30 days of determining that a breach occurred — 30 days before current federal HIPAA requirements. Like other state laws, Colorado’s newest approved bill signals to healthcare organizations that you can no longer wait for federal mandates to suggest how you protect your patients’ information. You must prepare for potential changes now or risk suffering the consequences. Here’s what we know about the new law and how it could affect your organization. Who is Affected? First off, it’s important to note that Colorado’s law will impact not only businesses located within its borders but also entities

Read More »
healthcare breaches

Healthcare Breaches: The Newest Round of HIPAA Fines

A new HIPAA fine has been released, and it’s significant. Federal regulators have issued one of the largest HIPAA settlements ever in favor of 521 impacted individuals over Massachusetts-based healthcare organization Fresenius Medical Care (FMCNA). Cited specifically for a lack of risk analysis, FMNCA now ranks among one of the costliest HIPAA penalties issued, paying out $3.5 million to affected individuals. Fresenius first reported the breach on January 21, 2013. Data exposed included patient names, addresses, dates of birth, telephone numbers, insurance information and even some social security numbers. FMNCA committed an all too common theme among HIPAA violations, failure to conduct a thorough risk analysis of potential risks and vulnerabilities to the confidentiality, integrity, and availability of all its

Read More »