HIPAA Security Computer Violations: How A Business Associate Was Fined $75K And A Pain Management Clinic Was Fined $1.9 Million

Live Webinar | Mark R. Brengelman | Jan 28, 2025, 01:00 PM EST | 60 Minutes
Description

The Department of Health and Human Services has sanctioned a Business Associate that provided coding, billing, and onsite information technology services to healthcare providers, in a settlement of potential violations of the HIPAA Privacy and Security Rules. The settlement involved a data breach in which a network server containing the protected health information of 267 individuals was left unsecured on the internet.

Learn how this Business Associate failed to comply with the HIPAA Privacy, Security, and Breach Notification Rules, which set the requirements that HIPAA-regulated entities must follow to protect the privacy and security of protected health information. Review how the Business Associate's cybersecurity failed to ensure that electronic protected health information was secure and not accessible to just anyone with an internet connection. The government investigation began years ago, in 2017, following the receipt of a breach report stating that the Business Associate had experienced an unauthorized transfer of protected health information, known as exfiltration, from its unsecured server.

The sensitive protected health information involved included patient names, dates of birth, addresses, Social Security numbers, email addresses, diagnoses, treatment information, medical procedures, and medical histories – devastatingly private and confidential information.

In addition to the impermissible disclosure, the government investigation found evidence of the potential failure to have in place an analysis to determine risks and vulnerabilities to electronic protected health information across the organization. No one was monitoring the situation or analyzing possible security risks, and those omissions are themselves HIPAA violations. In the most recent case, a chain of pain management clinics was fined $1.9 million for computer security failures, failure to perform audits and risk analysis, and failure to terminate a former employee’s access to medical records.

Erase the fear, uncertainty, and doubt about compliance with HIPAA Privacy and Security Rules for Business Associates by reviewing this significant, landmark government investigation, complaint, and sanction.

Areas Covered:

  • Overview of Business Associate HIPAA rules
  • Factual background and investigative results
  • The $75,000 penalty and corrective action plan
  • Elements of the corrective action plan
  • Relation to failure to conduct a HIPAA risk assessment
  • The newest $1.9 million fine case
  • Lessons learned
  • Tips to avoid liability and risk: best practices.

Background:

The background for this topic is an overview of business associate rules and HIPAA privacy and security rules as applied to computers.

Why should you Attend?

The Federal Department of Health and Human Services recently conducted a landmark investigation into a Business Associate’s failure to comply with HIPAA and its stringent security and privacy rules in a volatile situation involving unsecured computer access and breach notification of serious protected health information.

Analyzing this investigation and the settlement agreement that imposed tens of thousands of dollars in penalties erases the fear, uncertainty, and doubt about HIPAA compliance by a Business Associate.

Who will Benefit?

  • Healthcare law attorneys
  • Licensed health care practitioners in private practice in mental health and physical medicine
  • Medical directors of health facilities
  • Office managers and medical directors of private medical offices
  • Healthcare managers and executives
  • Corporate counsel in healthcare
  • Health care administrators
  • University faculty in health care and medical records
  • Allied health professionals in graduate-level medical education across the many health care professions
  • Corporate compliance officers
  • Human resource directors and departments.

Choose Your Options

  • Live: $229
  • Recording: $229
  • DVD: $249
  • Live & Recording: $379
  • Live & DVD: $389
  • Recording + DVD: $389
  • Corporate Live (1-3 Attendees): $599
  • Corporate Live (1-6 Attendees): $1099
  • Transcript (PDF): $229
  • Live & Transcript (PDF): $379
  • Recording & Transcript (PDF): $379
  • DVD & Transcript (PDF): $389
  • Flash Drive: $259




* Over 6 attendees? Call +1-866-823-1483 or email cs@onlineaudiowebinar.com

Find more webinars by expert Mark R. Brengelman.