OCR & NY Health System Reach a $4.75M Agreement
Erkeda DeRouen, MD ✨ Digital Health Risk Management Consultant ⚕️TEDxer
I help digitally-enabled healthcare organizations intelligently navigate clinical risk and compliance✨
The HHS Office for Civil Rights (OCR) has successfully brokered a hefty $4.75 million settlement with Montefiore Medical Center in NYC.
This resolution addresses violations of HIPAA .
This agreement was born out of a 2013 incident involving an breach of data when a Montefiore employee committed the unthinkable - stealing and then selling the Protected Health Information (PHI) of 12,517 patients.
To avoid future penalties, Montefiore is implementing a comprehensive, corrective action plan that includes:
-Rigorous workforce training
-Comprehensive risk assessments
-High-end software implementation
All of this is designed to significantly enhance their data security protocols.
The OCR has reiterated the pivotal role of cyber-threat readiness and robust security measures in protecting patient data. HHS Deputy Secretary, Andrea Palm, stressed the weighty responsibility that healthcare systems carry in securing patient medical records.
This serves as a stark reminder to all healthcare entities. The security of patient data is not a luxury, it's a mandate. The onus is on your team to maintain the security and confidentiality of patient information.
Are you routinely auditing your system?