Home » CTEK in the News » Judge rules MD Anderson must pay $4.3M for HIPAA violations

× Share this Article

Facebook
Twitter
Email
LinkedIn

Judge rules MD Anderson must pay $4.3M for HIPAA violations

June 19, 2018 Mayuri Kumar

Share this Article
Facebook
Twitter
Email
LinkedIn

An HHS administrative law judge has ruled that MD Anderson Cancer Center violated HIPAA and must pay $4,348,000 to the HHS Office for Civil Rights.

The violations date back to three separate breach reports in 2012 and 2013. The incidents involved the stealing of an unencrypted laptop from an MD Anderson employee’s residence, as well as the loss of two unencrypted USB thumb drives holding the unencrypted ePHI of more than 33,500 people.

David Holtzman’s commentary on the MD Anderson HIPAA violation was featured in MedCity News article. Click here to read more.

MD Anderson Cancer Center Fined $4.3 M For Data Breach

Planning to Fail? And Did You Know?

Most Recent Articles

Cybersecurity M&A Roundup: 36 Deals Announced in May 2022

Thirty-six cybersecurity-related merger and acquisition (M&A) deals were announced in May 2022.

A new approach to healthcare cybersecurity

Ben Denkers, CIO of CynergisTek discusses steps healthcare cybersecurity leaders can follow these four steps to improve their security posture in the face of cyberattacks.

Hospitals' latest cybersecurity threat: Burned out healthcare workers

Thomas Graham, Chief Information Security Officer for CynergisTek discusses healthcare workers and the current climate.

Alliance targets healthcare supply chain cybersecurity risk management in new guide

New guidance from the Cloud Security Alliance aims to support delivery organizations with assessing and managing cybersecurity risks to the healthcare supply chain.

Mitigating Insider Security Threats in Healthcare

Dave Bailey, Vice President of Security Services discusses developing and maintaining solid security practices.

Episode 5 - Test Your Security Environment - 3 Point Cyber

In this episode, we discuss with Mac areas where our industry needs to do a better job of testing our controls and environment instead of completely trusting them to do what we think.

Health data hacking booms in 2021

Mac McMillan discusses the speed in which cyber security is increasing.

With consumer data privacy in focus, making the case for NIST in healthcare

Andrew Mahler discusses the existing challenges with HIPAA compliance and current state regulations will only compound further as regulating.

FDA Document Details Cyber Expectations for Device Makers

Mac McMillan discusses the FDA's new guidance and the progress we have made over the last decade in talking about and raising issues with medical device security.

Mac McMillan on the Ukraine Invasion and Its Potential Cyber Impacts

Mac McMillan shared his perspectives on the potential for the Russian invasion of Ukraine to indirectly impact IT in the U.S. healthcare system, particularly with regard to supply chain.

Medtech, hospitals on alert for cyberattacks after Russia's invasion of Ukraine – MedTech Dive

Mac McMillan, CEO of CynergisTek discusses the possibility of cyberattacks beginning and how no one can tell for sure how wide the fallout could be.

Medtech, hospitals on alert for cyberattacks after Russia's invasion of Ukraine

Mac McMillan, CEO of CynergisTek discusses the possibility of cyberattacks beginning and how no one can tell for sure how wide the fallout might be.

KLAS: Evaluating Top Healthcare IoT Security Vendors

KLAS named Medigate, Ordr, and Armis as top healthcare IoT security vendors, all of which can help organizations manage connected device security risks.

How data privacy frameworks are evolving, and how they can guide risk-based decisions

Andrew Mahler discusses the growing number of challenges healthcare organizations related to protecting the privacy of data and ensuring certain rights of patients, members, and consumers.

CynergisTek is a team of privacy, compliance, IT Audit, and cybersecurity experts dedicated to helping healthcare organizations prepare, reh

Andrew Mahler, Director of Privacy, Compliance and Managed Services at CynergisTek discusses privacy frameworks and the increased regulatory enforcement within the healthcare sector.

6 Healthcare Cybersecurity, Ransomware Predictions to Watch in 2022

HIT Consultant reached out to six healthcare executives, including MAc McMillan CEO of CynergisTek, for their trends and predictions on healthcare cybersecurity and ransomware to watch in 2022.

Cyberattacks in healthcare surged last year, and 2022 could be even worse

Mac McMillan discusses healthcare providers and their need to devote more resources to preventing cybersecurity attacks.

Federal Authorities, Patient Safety Experts Warn of Risks

Benjamin Denkers, CIO Privacy and Security discusses ransomware and how compromising a larger healthcare organization can provide attackers with more leverage.

Doors to the Future: Our 2022 State of the Industry Survey

Mac McMillan, CEO of CynergisTek discusses the intensifying set of cybersecurity threats facing patient care organizations nationwide.

CynergisTek’s McMillan on this Current, Fraught Moment in Cybersecurity

Mac McMillan, CEO of CynergisTek discusses cybersecurity attacks and breaches of the past few months as pointing up a key lesson for health system leaders.

Return to Home

Insights Center

Judge rules MD Anderson must pay $4.3M for HIPAA violations

Previous Article

Next Article