"Health care entities must ensure that they are not leaving patient health information accessible online to anyone with an internet connection," said OCR Director Melanie Fontes Rainer. "Effective cybersecurity means being proactive and vigilant in searching for risks and vulnerabilities to health data and preventing unauthorized access to patient health information."
HHS announced a $250,000 settlement with Inmediata Health Group, LLC regarding potential violations of HIPAA Security Rule after a complaint about protected health information being online.
Inmediata's incident resulted in a class action lawsuit that settled for $1.1 million in 2022, highlighting the need for stronger protections against unauthorized access to health information.
OCR enforces the HIPAA Privacy, Security, and Breach Notification Rules, which set forth requirements health plans and care providers must follow to protect patient health information.
Collection
[
|
...
]