OCR issues $2.15M HIPAA fine

The U.S. Department of Health and Human Services announced its Office for Civil Rights has issued Florida-based Jackson Health System a $2.15 million fine for violations of the Health Insurance Portability and Accountability Act. The fine is the result of improper data breach notifications and lacking risk management and assessment by Jackson Health System over a three-year span from 2013-2016. OCR Director Roger Severino said the investigation revealed “a HIPAA compliance program that had been in disarray for a number of years.” He added that the program failed to “detect and stop an employee” who stole and sold patient records.
Full Story

Share this post

Share on facebook
Share on linkedin
Share on print
Share on email

Subscribe to our Monthly Cyber Security Digest

Get monthly content to keep you up to date on the latest news and tips