HIPAA Penalty Follows Company Into Receivership

"The careless handling of [protected health information] is never acceptable," said OCR Director Roger Severino. "Covered entities and business associates need to be aware that OCR is committed to enforcing HIPAA regardless of whether a covered entity is opening its doors or closing them. HIPAA still applies."

Saying the case illustrates that "consequences for HIPAA violations don't stop when a business closes," the U.S. Department of Health and Human Services reported Feb. 13 that a receiver appointed to liquidate the assets of Filefax, Inc. has agreed to pay $ 100,000 out of the receivership estate to the HHS Office for Civil Rights to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule.

Filefax, located in Northbrook, Illinois, is no longer in business. But it had advertised that it provided for the storage, maintenance, and delivery of medical records for covered entities. "Although Filefax shut its doors during the course of OCR's investigation into alleged HIPAA violations, it could not escape its obligations under the law," the federal agency reported, explaining the case this way:

  • On Feb. 10, 2015, OCR received an anonymous complaint alleging someone transported medical records obtained from Filefax to a shredding and recycling facility to sell on Feb. 6 and 9, 2015. OCR opened an investigation, which confirmed that an individual had left medical records of approximately 2,150 patients at the shredding and recycling facility and that those records contained patients' protected health information (PHI).
  • The investigation indicated that between Jan. 28, 2015, and Feb. 14, 2015, Filefax impermissibly disclosed the PHI of 2,150 individuals by leaving the PHI in an unlocked truck in the Filefax parking lot or by granting permission to an unauthorized person to remove the PHI from Filefax and leaving the PHI unsecured outside the Filefax facility.

"The careless handling of PHI is never acceptable," said OCR Director Roger Severino. "Covered entities and business associates need to be aware that OCR is committed to enforcing HIPAA regardless of whether a covered entity is opening its doors or closing them. HIPAA still applies."

Download Center

HTML - No Current Item Deck
  • Free Safety Management Software Demo

    IndustrySafe Safety Management Software helps organizations to improve safety by providing a comprehensive toolset of software modules to help businesses identify trouble spots; reduce claims, lost days, OSHA fines; and more.

  • The Top 5 Safety and Technology Trends to Watch in 2019

    Get the latest on trends you can expect to hear more about in 2019, including continued growth of mobile safety applications, wearable technology, and smart PPE; autonomous vehicles; pending OSHA recordkeeping rulemaking; and increased adoption of international safety standard, ISO 45001.

  • Get the Ultimate Guide to OSHA Recordkeeping

    OSHA’s Form 300A posting deadline is February 1! Are you prepared? To help answer your key recordkeeping questions, IndustrySafe put together this guide with critical compliance information.

  • Safety Training 101

    When it comes to safety training, no matter the industry, there are always questions regarding requirements and certifications. We’ve put together a guide on key safety training topics, requirements for certifications, and answers to common training questions.

  • Conduct EHS Inspections and Audits

    Record and manage your organization’s inspection data with IndustrySafe’s Inspections module. IndustrySafe’s pre-built forms and checklists may be used as is, or can be customized to better suit the needs of your organization.

  • Industry Safe

OH&S Digital Edition

  • OHS Magazine Digital Edition - January 2019

    January 2019

    Featuring:

    • PREVENTING ERRORS
      Production vs. Safety 
    • EMERGENCY SHOWERS & EYEWASH
      Meeting the Requirements for Emergency Equipment
    • CONSTRUCTION SAFETY
      The State of Contractor Safety
    • FOOT PROTECTION
      The Three Keys to Effective Chemical Management
    View This Issue