Data Law Insights

Data Law Insights

Legal insights on navigating privacy, data protection, cybersecurity, information governance, and e-discovery

Tag Archives: Risk Analysis

New OCR Settlement Targets Safety Net Provider on Security Rule Deficiencies

Posted in Cybersecurity / Data Security, Information Management
On Wednesday, the U.S. Department of Health and Human Services, Office for Civil Rights announced a $400,000 settlement with Metro Community Provider Network arising from MCPN’s alleged failure to implement adequate security management processes to safeguard electronic protected health information in accordance with the Health Insurance Portability and Accountability Act Security Rule. This settlement followed… Continue Reading

OCR Announces $1.5M Settlement

Posted in Data Breach
OCR just announced another huge settlement.  The $1.5 million settlement with North Memorial Health Care is based on the alleged failure to enter into a business associate agreement and alleged failure to conduct a risk analysis.  The investigation started (as many OCR settlements often do) after OCR received a breach report regarding a stolen laptop… Continue Reading