Texas Health System Agrees to Pay HHS $2.4 Million

Memorial Hermann Health System (MHHS) will also adopt a correct action plan to settle violations of the HIPAA Privacy Rule.

According to a report from the HHS Office of Civil Rights, Memorial Hermann Health System (MHHS) has agreed to pay $2.4 million to the HHS as well as adopt a correct action plan in order to settle violations of the HIPAA Privacy Rule.

The agreement stems from a review of the system based on reports that said it disclosed a patient's protected health information (PHI) without authorization. MHHS is located in Southeast Texas and is comprised of 16 hospitals and services outside of Houston.

After a patient was arrested for providing a fraudulent identification card to staff, a press release disclosed the PHI. "Senior management should have known that disclosing a patient's name on the title of a press release was a clear HIPAA Privacy violation that would induce a swift OCR response," said OCR Director Roger Severino. "This case reminds us that organizations can readily cooperate with law enforcement without violating HIPAA, but that they must nevertheless continue to protect patient privacy when making statements to the public and elsewhere."

OH&S Digital Edition

  • OHS Magazine Digital Edition - November 2017

    November 2017

    Featuring:

    • HEAD & FACE PROTECTION
      Key to Effective Head & Face Protection
    • CONFINED SPACES
      Confined Space: Preparing for Rescue
    • FALL PROTECTION
      Are You Fully Prepared?
    • TRAINING
      Microlearning: Training for the Millennial Generation
    View This Issue

comments powered by Disqus