Intro by Madison Hartman, IU McKinney
The Office for Civil Rights (OCR) and the U.S. Department of Health and Human Services (HHS) has ordered Sentara Hospitals to pay $2.175 million to settle potential HIPAA violations. Sentara Hospitals, which operates more than 300 sites throughout Virginia and North Carolina, was accused of HIPPA violations in April of 2017.
The complaint that HHS received regarding the violation alleged that the hospital system had sent a bill to an individual containing another patient’s protected health information (PHI). In its investigation of the complaint, OCR discovered that Sentara had mailed 577 patients’ PHI to wrong addresses, even though Sentara only reported that the incident affected 8 patients. Sentara reported the incident in this way because only the patients’ names, account numbers and dates of services were revealed, and Sentara wrongly believed that because the disclosure did not include diagnosis or treatment information, that it was not a violation of HIPAA. This hefty fine will surely be a wakeup call to other hospital systems to ensure that they are compliant with the time-sensitive self-reporting requirements of HIPAA.
If you would like to submit content or write an article for the Health Care & Life Sciences Section, please email Kara Sikorski at email@example.com.