HIPAA Doesn’t Go Away Even When a Business Closes
February 14, 2018
Filefax, Inc., a company that provided medical record storage, maintenance, and delivery for covered entities, is responsible for a $100,000 HIPAA fine even though it shut its doors during OCR’s violation investigation.
In early 2015, the Filefax disclosed medical records of over 2,000 patients. Although Filefax closed, their court-appointed receiver used liquidated assets to pay the fine and to store and dispose of any remaining medical records.
The resolution agreement and corrective action plan may be found on the OCR website at http://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/agreements/Filefax/index.html.
Sign up for Our Blog
April 3, 2018
Attorneys general from 32 U.S. states are opposing the Data Acquisition and Technology Accountability and Security Act, a draft bill released in mid-February. The proposed legislation would preempt necessary state data… Read More ›Read More
March 1, 2018
In light of Health and Human Services Office for Civil Right’s Cybersecurity February Newsletter, HHS OCR clearly sees phishing as an increasing problem, as they’re becoming “more sophisticated and harder… Read More ›Read More
February 26, 2018
The U.S. Securities and Exchange Commission recently released revised cybersecurity guidance for publicly traded companies. The guidance, approved unanimously by the commission on Tuesday, is meant “to assist public companies… Read More ›Read More