CardioNet Agrees to $2.5 Million HIPAA Settlement with HHS

"Mobile devices in the health care sector remain particularly vulnerable to theft and loss," said Roger Severino, director of the HHS Office for Civil Righst. "Failure to implement mobile device security by Covered Entities and Business Associates puts individuals' sensitive health information at risk."

The U.S. Department of Health and Human Services' Office for Civil Rights announced that CardioNet (a company owned by BioTelemetry, Inc. of Malvern, Pa.) has agreed to settle potential noncompliance with the HIPAA Privacy and Security Rules by paying $2.5 million and implementing a corrective action plan.

This Health Insurance Portability and Accountability Act of 1996 (HIPAA) settlement is based on the impermissible disclosure of unsecured electronic protected health information (ePHI) and is the first one that involves a wireless health services provider, according to HHS.

CardioNet provides Mobile Cardiac Outpatient Telemetry -- remote mobile monitoring of and rapid response to patients at risk for cardiac arrhythmias.

According to HHS, in January 2012, CardioNet reported to the Office for Civil Rights that an employee's laptop was stolen from a parked vehicle outside that employee's home. "The laptop contained ePHI of 1,391 individuals. OCR's investigation into the impermissible disclosure revealed that CardioNet had an insufficient risk analysis and risk management processes in place at the time of the theft. Additionally, CardioNet's policies and procedures implementing the standards of the HIPAA Security Rule were in draft form and had not been implemented. Further, the Pennsylvania-based organization was unable to produce any final policies or procedures regarding the implementation of safeguards for ePHI, including those for mobile devices," HHS reported.

"Mobile devices in the health care sector remain particularly vulnerable to theft and loss," said Roger Severino, OCR's director. "Failure to implement mobile device security by Covered Entities and Business Associates puts individuals' sensitive health information at risk. This disregard for security can result in a serious breach, which affects each individual whose information is left unprotected."

The two parties' Resolution Agreement and Corrective Action Plan is available here.

Download Center

HTML - No Current Item Deck
  • Free Safety Management Software Demo

    IndustrySafe Safety Management Software helps organizations to improve safety by providing a comprehensive toolset of software modules to help businesses identify trouble spots; reduce claims, lost days, OSHA fines; and more.

  • The Top 5 Safety and Technology Trends to Watch

    Get the latest on trends you can expect to hear more about in 2019, including continued growth of mobile safety applications, wearable technology, and smart PPE; autonomous vehicles; pending OSHA recordkeeping rulemaking; and increased adoption of international safety standard, ISO 45001.

  • Analyze Incident Data

    Collect relevant incident data, analyze trends, and generate accurate regulatory reports, including OSHA 300, 300A, and 301 logs, through IndustrySafe’s extensive incident reporting and investigation module.

  • Safety Training 101

    When it comes to safety training, no matter the industry, there are always questions regarding requirements and certifications. We’ve put together a guide on key safety training topics, requirements for certifications, and answers to common training questions.

  • Conduct EHS Inspections and Audits

    Record and manage your organization’s inspection data with IndustrySafe’s Inspections module. IndustrySafe’s pre-built forms and checklists may be used as is, or can be customized to better suit the needs of your organization.

  • Industry Safe
comments powered by Disqus

OH&S Digital Edition

  • OHS Magazine Digital Edition - January 2019

    January / February 2019

    Featuring:

    • PREVENTING ERRORS
      Production vs. Safety 
    • EMERGENCY SHOWERS & EYEWASH
      Meeting the Requirements for Emergency Equipment
    • CONSTRUCTION SAFETY
      The State of Contractor Safety
    • FOOT PROTECTION
      The Three Keys to Effective Chemical Management
    View This Issue