Looking for a Business Associate Agreement? Download our FREE starter template.
Total HIPAA Logo

Guest Blog from GRA: Have there been HIPAA breaches by insurance agencies?

This week, I’m off singing at the Newport Music Festival.

On to the blog of the week from our partner GRA Benefits. This is a very interesting look at what is going on with HIPAA breaches and insurance agents. Now onto the blog:

Yes! In 2014, there have been two reported insurance agent breaches.

On January 1st, AppleCare Insurance Services had a laptop stolen. The laptop contained an unknown number of individuals’ Protected Health Information. AppleCare provided notification to the individuals, local news sources and HHS, and is still under investigation.

In April, Maschino, Hudelson & Associates notified about 5,500 staff and clients of a breach. A laptop containing personal information, including Social Security numbers, was stolen from a worker’s car.

Both incidents were due to a theft of an unencrypted laptop. Encrypting your mobile devices, including smart phones, can be a lifesaver. If either situation had involved an encrypted laptop, the agencies may have been able to avoid breach notification.

Since the Omnibus Rule was effective as of last September, business associates – a.k.a. insurance agents – are being audited directly by the government. Therefore, each of these agencies could be fined up to $1.5 million. [Editor’s note: Remember, the potential $1.5 million fine is the cap for a single violation. If HHS finds the agencies didn’t have security policies and procedures in place, that would be another violation, and subject to another penalty that could be an additional $1.5 million fine. There is no cap on the total amount of fines an agency can accrue.]

For more information on the services that GRA provides, please click here.

By: Bridgette O’Connor

Sharing is caring!


Looking for a Business Associate Agreement?

Download our free template to get started on your path toward HIPAA compliance.

Download Now

Let's keep in touch

Stay up to date on the latest HIPAA news, plus receive tons of free tools and info.

Navigating HIPAA Compliance in 2023

Watch the recording of this webinar to learn more about how you can become and stay HIPAA compliant!


Related Posts

What is Access Control in terms of HIPAA?

What is Access Control in terms of HIPAA?

Access control, in terms of cybersecurity, refers to the practice of managing and regulating who can access specific resources, systems, or data within an organization's network or information...

Comparing HIPAA and NIST

Comparing HIPAA and NIST

In the ever-evolving landscape of data security and privacy, two key frameworks have emerged as significant players: HIPAA and NIST. Both emphasize the importance of safeguarding sensitive...

Save & Share Cart
Your Shopping Cart will be saved and you'll be given a link. You, or anyone with the link, can use it to retrieve your Cart at any time.
Back Save & Share Cart
Your Shopping Cart will be saved with Product pictures and information, and Cart Totals. Then send it to yourself, or a friend, with a link to retrieve it at any time.
Your cart email sent successfully :)