Stolen Laptop Leads to $2.5 Million HIPAA Breach Penalty

“The theft of a laptop computer containing information of nearly 1,400 patients was among two HIPAA breaches that led a Pennsylvania provider of remote heart monitoring to pay $2.5 million, federal authorities said this week. Malvern-based CardioNet, Inc., essentially had no process at all for securely managing electronic protected health information (ePHI) of the patients […]

Phishing Attack Results in $400,000 HIPAA Breach Fine

“Investigators from the U.S. Department of Health and Human Services Office of Civil Rights (OCR) found that MCPN violated the HIPAA Security Rule by failing to do proper risk assessments or implement adequate cybersecurity measures and procedures. “Specifically, MCPN has failed to conduct an accurate and thorough assessment of the potential risks and vulnerabilities to […]