Ad­vanced Care Hospi­tal­ists pays $500,000 fine for vi­o­lat­ing HIPAA

Modern Healthcare - - Regional News -

Mul­tispe­cialty group Ad­vanced Care Hospi­tal­ists has agreed to pay a $500,000 fine to HHS for shar­ing pa­tient in­for­ma­tion with a third-party ven­dor with­out proper safe­guards in place. That ac­tion re­sulted in the breach of data from as many as 9,000 pa­tients, ac­cord­ing to HHS.

Be­tween Novem­ber 2011 and June 2012, Ad­vanced Care Hospi­tal­ists worked with some­one who said he was from third-party billing com­pany Doc­tor’s First Choice Billings. The Lake­land, Fla.-based physi­cian group gave the per­son pro­tected health in­for­ma­tion for pro­cess­ing bills, ac­cord­ing to an HHS in­ves­ti­ga­tion. Then, in Fe­bru­ary 2014, a hos­pi­tal told Ad­vanced Care that per­sonal, de­mo­graphic and clin­i­cal in­for­ma­tion from its pa­tients was listed on the billing com­pany’s web­site. But the two or­ga­ni­za­tions did not have in place a busi­ness as­so­ciate agree­ment, used by cov­ered en­ti­ties to al­low them, un­der HIPAA, to share pro­tected health in­for­ma­tion with third par­ties.

HHS also found that Ad­vanced Care, op­er­a­tional since 2005, had not con­ducted a risk anal­y­sis or im­ple­mented se­cu­rity safe­guards un­til af­ter the breach.

In ad­di­tion to the fine, Ad­vanced Care agreed to a cor­rec­tive ac­tion plan. The physi­cian group, which was not im­me­di­ately avail­able for com­ment, did not ad­mit to any wrong­do­ing.

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.