Settlement Reached for HIPAA Security Rule Violation

In the government’s first settlement with a covered entity for failing to have written policies and procedures in place to address the breach notification provisions of the Health Information Technology for Economic and Clinical Health (HITECH) Act, a Massachusetts dermatology office agreed to pay $150,000.00 and implement a corrective action plan. The U.S. Department of Health and Human Services, Office of Civil Rights (“HHS”) began an investigation of Adult & Pediatric Dermatology (APDerm), a Massachusetts dermatology practice, when it received… Read More >