Case 1: Back in 2014, Catholic Health Care Services (CHCS) of the Archdiocese of Philadelphia was serving as an active business associate to six skilled nursing facilities, providing information technology services.
Unfortunately, one of their iPhones containing the unencrypted, protected health information of 412 nursing home patients – including social security numbers, diagnosis and treatment information, and the names of family members and legal guardians – was stolen.
The resulting breach led to a $650,000 HIPAA fine.
In addition to meeting the fine, CHCS agreed to a corrective action plan. While assessing the fine,…Read more