February 21, 2018

February 20, 2018

Subscribe to Latest Legal News and Analysis

February 19, 2018

Subscribe to Latest Legal News and Analysis

Out-of-Business File Storage Company Paid $100K for Alleged HIPAA Violations

Yesterday, DHHS’s Office for Civil Rights (OCR) announced a $100,000 settlement with a dissolved medical records moving and storage company in Illinois.  This is another example of OCR bringing enforcement actions against a business associate under HIPAA.  OCR investigated a complaint that the business associate brought medical records to a shredding and recycling facility in exchange for cash.  According to OCR, it confirmed that the business associate violated the HIPAA Privacy Rule when it left the medical records of approximately 2,150 people at the shredding and recycling facility.  Due to other legal troubles, a court had already forced the business associate to liquidate its assets and appointed a receiver to pay its debts.  The receiver agreed to pay the $100,000 settlement and to ensure that the storage and disposal of the remaining medical records would be in compliance with HIPAA.

Read a copy of the Resolution Agreement here.

© Copyright 2018 Murtha Cullina

TRENDING LEGAL ANALYSIS


About this Author

Dena Castricone, Murtha Cullina Law Firm, Long Term Care Attorney
Counsel

Dena Castricone is member of the Long Term Care/Health Care Practice Group and is also an experienced litigator who has been with Murtha Cullina LLP since 2003. As part of the Long Term Care/Health Care Practice Group, she assists nursing homes, assisted living communities, CCRCs, hospitals, physician groups and home health care and hospice agencies with a wide range of regulatory, compliance, litigation and risk management issues. As a litigator, Dena has extensive experience in a wide range of routine and complex business litigation....

203-772-7767