• WellPoint → fine: $1,700,000
• Blue Cross Blue Shield of Tennessee → fine: $1,500,000
• Massachusetts Eye and Ear Infirmary and Massachusetts Eye and Ear Associates → fine: $1,500,000
• Affinity Health Plan → fine: $1,215,780
• South Shore Hospital → fine: $750,000
• Idaho State University → fine: $400,000
• Shasta Regional Medical Center → fine: $275,000
• Phoenix Cardiac Surgery → fine: $100,000
• The Hospice of Northern Idaho → fine: $50,000
Source: U.S. Dept. of Health & Human Services (HHS), Case Examples and Resolution
Agreements
Below is a slide I recently developed that demonstrates the costs of remediation to an
organization that experiences a breach:
The digital age is driving new restrictions on using Personal Health Information (PHI) within
healthcare organizations. HHS Secretary Kathleen Sebelius recently emphasized that “much
has changed in healthcare since HIPAA was enacted over 15 years ago” and that the “new
rules associated with PHI/EPHI data will help protect patient privacy and safeguard patients’
health information in an ever-expanding digital age”.
Prevention is still the best approach for reducing the risk of an information breach and ensuring
that your organization is HIPAA compliant.
Cyber Warnings E-Magazine – March 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide