The U.S. Department of Health and Human Services has hit a California-based healthcare provider with a $3 million HIPAA settlement related to two breaches involving misconfigured IT. It's the latest in a recent series of hefty penalties issued in HIPAA cases.
On Thursday, HHS' Office for Civil Rights said Cottage Health, which operates several hospitals, agreed to pay the fine and implement a corrective action plan in the wake of an investigation into the breaches that affected a total of 62,500 individuals. Earlier, the California attorney general had reached a $2 million settlement with Cottage Health.
David Holtzman’s commentary was featured in this article.