PHI security breach

As reported by Ben Keller, at, Indiana Attorney General Greg Zoeller announced, on July 5, 2011, that health insurer WellPoint Inc. has agreed to pay $100,000 for a PHI security breach that occurred between October 2009 and March 2010.
Continue Reading The Parade of PHI Security Breaches: WellPoint Finally Settles with the Attorney General of Indiana

On February 25, 2011, Robin Erb, Medical Writer at the Detroit Free Press, wrote an article entitled, “Lost Device Compromises Medical Information of 2,777 Patients” relative to another security lapse in less than a year within Henry Ford Health System.
Continue Reading The Henry Ford Health System Makes Another Appearance in the Parade of PHI Security Breaches

Last week for the first time, the Office for Civil Rights of HHS reported exacting heavy financial obligations from (i) Cignet Health on February 22, 2011, with a $4.3 million civil monetary penalty assessment for violations of the HIPAA Privacy Rule, and (ii) Massachusetts General Hospital on February 24, 2011, for a settlement that includes a payment to the U.S. government of $1,000,000 for potential violations of HIPAA.
Continue Reading New Turn in the Parade of PHI Breaches: Office of Civil Rights Exacts Heavy Payments From Cignet Health and Massachusetts General Hospital

The New York City Health and Hospitals Corporation’s North Bronx Healthcare Network has recently become perhaps the largest marcher in the parade of PHI security breaches with a reported 1,700,000 persons affected.
Continue Reading The Largest Marcher in the Parade of Reported PHI Security Breaches: NYC Health and Hospitals Corporation’s North Bronx Healthcare Network

On January 18, 2011, the office of Attorney General William Sorrell of Vermont announced in a press release that it had settled a lawsuit against Health Net, Inc., involving an alleged PHI security breach, by means of a consent decree which requires court approval.
Continue Reading The Parade of PHI Security Breaches: Escalating Enforcement Activity by State Attorneys General – Most Recently in Vermont

The January 19, 2011, blog posting discussed two large PHI security breaches at The University of Rochester Medical Center. Subsequently knowledgeable information and clarification was received in a comment from a reader..
Continue Reading A Reader’s Comment on the Two Large PHI Security Breaches at The University of Rochester Medical Center in 2010

A type of relatively new insurance coverage may be an option for those who worry that even airtight, well-implemented policies and procedures may not be enough to protect a healthcare provider against financial losses from a PHI security breach.
Continue Reading PHI: What Can a Provider Do to “Insure” Against a Security Breach?