News Briefs: July 27, 2020

Metropolitan Community Health Services in North Carolina, doing business as Agape Health Services, has agreed to pay $25,000 to settle potential violations of the HIPAA Security Rule, the HHS Office for Civil Rights (OCR) said July 23.[1] Metro, a federally qualified health center, serves an underserved population in rural North Carolina, which OCR considered in reaching the settlement. It stemmed from a June 9, 2011, breach report filed by Metro about the impermissible disclosure of protected health information to an unknown email account, affecting 1,263 patients. “OCR’s investigation revealed longstanding, systemic noncompliance with the HIPAA Security Rule. Specifically, Metro failed to conduct any risk analyses, failed to implement any HIPAA Security Rule policies and procedures, and neglected to provide workforce members with security awareness training until 2016,” OCR said. Metro didn’t admit liability in the settlement.

This document is only available to subscribers. Please log in or purchase access.
 


Would you like to read this entire article?

If you already subscribe to this publication, just log in. If not, let us send you an email with a link that will allow you to read the entire article for free. Just complete the following form.

* required field