HHS Settles First Enforcement Action Relating to a Breach Affecting Fewer
than 500 Individuals
On January 2, 2013, the Department of Health and Human Services (“HHS”)
announced <http://www.hhs.gov/news/press/2013pres/01/20130102a.html> a
resolution
agreement<http://www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/honi-agreement.pdf>and
$50,000 settlement with Hospice of North Idaho (“HONI”) for a breach
that affected 441 individuals. This action is notable because prior HHS
enforcement actions relating to breaches have involved a greater number of
affected individuals (for example, the first breach-related enforcement
action<http://www.huntonprivacyblog.com/2012/03/articles/hhs-settles-first-breach-notification-rule-case-for-1-5-million/>in
March 2012 affected more than 1 million). The Health Information
Technology for Economic and Clinical Health (“HITECH”) Breach Notification
Rule sets 500 as a threshold number of affected individuals triggering
certain notification requirements such as the obligation to notify HHS
within 60 days of discovery of the breach.

http://bit.ly/TC43jG

Source:
http://www.huntonprivacyblog.com/2013/01/articles/hhs-settles-first-enforcement-action-relating-to-a-breach-affecting-fewer-than-500-individuals/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+PrivacyInformationSecurityLawBlog+(Privacy+%26+Information+Security+Law+Blog)&utm_content=Google+Reader
See if people are clicking on this link: http://bit.ly/TC43jG+
Try the bitly.com sidebar to see who is talking about a page on the web:
http://bitly.com/pages/sidebar

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]