Federal enforcement agencies are increasingly focusing on HIPAA breaches which involve mishandling of PHI by telecommuters.  Two recent cases illustrate the liability exposure resulting from inadequate oversight of staff working remotely.

Medical equipment supplier Lincare was fined $239,800 as a result of a breach which occurred when an employee left unprotected PHI in a car

Cancer Care Group, P.C., a 13-physician radiation oncology practice in Indiana (group), has agreed to pay $750,000 and implement a comprehensive corrective action plan in a settlement resulting from the theft of a laptop and backup media containing unencrypted patient information.  As is often the case, the breach incident triggered an investigation that revealed deeper