Have you created a ShazzleMail account on your smartphone? This is a required first step.

Yes No

Free Encrypted Email

08e4fdf7-1b6d-4784-8868-d224dc881485

Children’s Dallas docked $3.2 million over patient privacy breaches

February 2, 2017

Children’s Medical Center of Dallas has paid a penalty of more than $3.2 million to the federal government over privacy breaches dating back to 2007 that left the data for thousands of patients at risk.
The facility voluntarily reported potential disclosures of patient health information, but it did not implement strong safeguards to ensure that the breaches would not happen again, according to a statement issued Wednesday from the U.S. Department of Health and Human Services.
Ensuring security precautions to protect health information is essential, said Robinsue Frohboese, acting director of the Office for Civil Rights in the statement.

“A lack of risk management not only costs individuals the security of their data, but it can also cost covered entities a sizable fine,” she said.

Children’s Health responded Thursday saying that it has fully cooperated with the government’s investigation, and that it does not believe any patient or their family was affected by the incidents.
In 2010, the medical center reported that the personal information for about 3,800 patients had been accessible on an unencrypted, non-password protected BlackBerry device used at the Dallas-Fort Worth International Airport the previous year.
However, according to the federal investigation, they were aware of the potential risk of that kind of incident since at least 2007. A security analysis conducted by the healthcare consulting firm Strategic Management Systems over a 3-month period ending February 2007 uncovered gaps.
So did a separate analysis in 2008 from the consulting firm PwC. It said encryption should be a “high priority” for the medical center, as stolen devices could put patient data at risk.

Still, no security plan was established, and the encryption issue was not corrected on laptops, workstations and other devices distributed to the Children’s workforce until April 2013, the civil rights office investigation found.
That month a laptop was stolen in a separate breach that contained unencrypted data for nearly 2,500 people. Children’s reported the HIPAA (Health Insurance Portability and Accountability Act) violation to the Office of Civil Rights three months later.
In January, the medical center declined its right to request a hearing and challenge the fine, which totaled $3,217,000.
“We have decided to pay the imposed fine because efforts to formally contest the claims would be a long and costly distraction from our mission to make life better for children,” said Scott Summerall, a spokesperson for Children’s Health. “We remain committed to protecting the privacy of our patients.”

Tags: , , ,

Introducing ShazzleMail Email and How it Works

Privacy is your Fundamental Human Right.

Our Daily Blog
static2.politico.com
Privacy and security: no simple solution, warns Rachel Dixon
September 18, 2018

The tide is turning when it comes to privacy and security, with Australians gradually becoming more ...

Read more
emailtracking-ta
Are you privacy literate?
September 11, 2018

Online privacy is a new literacy that educators and students need to learn and practice. But what sh...

Read more
monero
Monero (XMR) The Privacy Oriented Coin Story And Latest: 10.00% Increase – Showcasing Predicted Success
September 5, 2018

Seaming like out of the blue, Monero (XMR) is taking center stage for the last couple of week consta...

Read more
5805091c1a00002c145b9f72
DuckDuckGo gets $10M from Omers for global privacy push
August 29, 2018

Pro-privacy search engine DuckDuckGo, which offers an alternative to surveillance engines like Googl...

Read more
pic22
Demystifying Online Privacy, Through the Story of the Man Who Took On Silicon Valley
August 20, 2018

By Nicholas Confessore Aug. 18, 2018 Times Insider delivers behind-the-scenes insights into how ...

Read more