Colorado Hospital HIPAA Settlement Costs Over $100k

A Colorado hospital has agreed to pay $111,400 to the Office for Civil Rights (OCR) at the US Dept of Health and Human Services (HHS) and to adopt a substantial two-year corrective action plan to settle potential HIPAA violations after a former employee allegedly continued to have remote access to the hospital’s web-based scheduling calendar.  Additionally, the investigation revealed that the hospital did not have a business associate agreement in place with the web-based scheduling system vendor, which also received access to the 557 patient records in question.  A link to the press release is below:

https://www.hhs.gov/about/news/2018/12/11/colorado-hospital-failed-to-terminate-former-employees-access-to-electronic-protected-health-information.html

Leave a Comment

Your email address will not be published. Required fields are marked *