Hospital Hit with $3.3 Million fine for PHI Breach

March 10, 2015 | February 11th, 2020
New York and Presbyterian Hospital has agreed to a $3.3 million fine for a PHI breach following an investigation by the Office for Civil Rights in the Department of Health and Human Services. Details of the case are here.

Some of the details and the amount of the fine are troubling for healthcare providers:

a. NYP impermissibly disclosed the ePHI of 6,800 patients to Google and other Internet search engines when a computer server that had access to NYP ePHI information systems was errantly reconfigured.

b. NYP failed to conduct an accurate and thorough risk analysis that incorporates all IT equipment, applications, and data systems utilizing ePHI.

c. NYP failed to implement processes for assessing and monitoring all IT equipment, applications, and data systems that were linked to NYP patient databases prior to the breach incident, and failed to implement security measures sufficient to reduce the risks and vulnerabilities to its ePHI to a reasonable and appropriate level.

RingRx, The Phone System for Doctors, keeps you compliant in one of the areas you may not be thinking about: your phone system. Other cloud PBX systems are not compliant and you are exposed to PHI breaches and HIPAA violations.

Author Doug Parent

Doug is the CEO and co-founder of RingRx. With an extensive background in healthcare telecommunications and live agent services, Doug brings a unique perspective to solving problems and simplifying operations of modern practices, clinics, hospitals and companies involved in the healthcare cycle.
