Earlier this month, Affinity Health Plan agreed to pay the Department of Health and Human Services more than $1.2 million to settle violations of the Health Insurance Portability and Accountability Act (HIPAA) privacy and security rules.
Affinity – a not-for-profit managed care plan – failed to erase the protected health information of nearly 350,000 individuals from hard drives of leased photocopiers.
For your reference, a roundup of legal commentary and analysis on the settlement and its implications for HIPAA covered entities and their business associates:
- A $1.2 Million Photocopier Mistake: Health Plan Settles with HHS in HIPAA Breach Case – Proskauer
- Hiding in plain sight: Failure to scrub patient data from digital copiers returned to leasing company results in $1.2 million HIPAA settlement – Mintz Levin
- $1.2 Million Settlement Agreement Announced for HIPAA Charges Involving Leased Photocopiers – King & Spalding
- Health Plan Agrees To $1.2 Million Settlement For Photocopier HIPAA Security Breach – Perkins Coie
- PHI On Photocopier Hard Drives… Is Your Organization At Risk? – Thompson Coburn LLP
- Health plan pays for failing to erase data on leased equipment: two takeaways for companies handling electronic PHI – DLA Piper
- Health Plan Settles HHS OCR Investigation Related to Photocopier Breach for $1.2m – BakerHostetler
- Affinity Health Plan Pays Over $1.2 Million For HIPAA Photocopier Breach – XpertHR
- Seven-Figure HIPAA Settlement Prompted by Photocopier Breach – Mintz Levin
- Health Law Blog: HIPAA Update: Don’t Forget Your Photocopiers – Davis Brown Law Firm
- Health Plan Fined for HIPAA Breach Relating to Information Stored on Photocopiers – Dinsmore & Shohl
Find additional updates on the Health Insurance Portability and Accountability Act at JD Supra Law News>>