Home » CTEK in the News » Sentara Hospitals' HIPAA Settlement: Why $2.2 Million?

× Share this Article

Facebook
Twitter
Email
LinkedIn

Sentara Hospitals' HIPAA Settlement: Why $2.2 Million?

December 2, 2019 Mayuri Kumar

Share this Article
Facebook
Twitter
Email
LinkedIn

Federal regulators have slapped Norfolk, Va.-based Sentara Hospitals with a $2.2 million HIPAA settlement for improperly reporting a breach and lacking a business associate agreement.

In a Nov. 27 statement, the Department of Health and Human Services' Office for Civil Rights says the settlement came in the wake of a 2017 breach tied to mailing errors.

OCR acted after receiving a complaint that alleged Sentara Hospitals had sent a bill to an individual containing another patient's protected health information.

Click here to read the full story.

The Growing Threat of Ransomware

Health Data Breaches: 3 Lessons Learned

Most Recent Articles

Victim Count in Magellan Ransomware Incident Soars

David Finn discusses the risks faced by interconnected organizations in the healthcare sector and how the number of people affected by the April ransomware attack on Magellan Health continues to grow.

Data Breach Settlement Has an Unusual Provision

David Holtzman discusses the preliminary settlement of a class action data breach lawsuit against Iowa Health System (a.k.a UnityPoint Health).

Breach Notification Delay: A Step-by-Step Timeline

Why are some breach notifications delayed for months? David Bailey discusses the statement made by Choice Health Management Services which issued a step-by-step explanation on breach notifications.

The future of medical appointments will be remote. Here's how hospitals are making the transition and dodging new cyber threats, according t

In this recent Business Insider article, they discuss the future of medical appointments being remote and how hospitals are making the transition and dodging new cyber threats.

A Tale of 2 Health Data Breaches: Persistent Challenges

David Finn discusses two recent health data breaches that illustrate persistent security challenges – defending against ransomware attacks as well as unauthorized access to email.

Telehealth After COVID-19: Privacy, Security Considerations

What will happen after July 25th? The Federal government's recent policy changes for facilitating patient care during COVID-19 may have an impact on telehealth restrictions in the future.

Business Associate Incidents Added to Breach Tally

In the latest article by Healthcareinfosecurity.com David Holtzman discusses the major health data breaches that have been added to the federal tally in recent weeks.

The CyberWire Daily Podcast - Episode 952

Cyberwire’s latest podcast features Caleb Barlow as he discusses the challenges of securing medical records.

The CyberWire Daily Podcast - Episode 1075

Cyberwire’s latest podcast features Caleb Barlow as he discusses his responsibilities during an incident from the SOC operator to the CEO.

Lawsuit Filed Against Accounting Firm in Patient Data Hack

In the latest article by Healthcareinfosecurity.com David Holtzman discusses the class action lawsuit filed against accounting firm BST & Co. CPAs LLC that allegedly exposed patient information.

The CyberWire Daily Podcast - Episode 1108

Cyberwire’s latest podcast features Caleb Barlow as he discusses how hospital CISOs are dealing with the COVID-19 situation.

Telehealth App Breach Spotlights Privacy, Security Risks

A software error that briefly allowed individuals to access other patients' telehealth appointment recordings serves as a reminder of potential security.

Are Academic Healthcare Systems Top COVID-19 Attack Targets?

UCSF released a report that shows that academic healthcare systems and healthcare sector entities both have been favorite targets of hackers during the COVID-19 pandemic.

Healthcare groups report lowest monthly breaches since 2016

Healthcare providers, insurers, and business associates reported 16 data breaches to the federal government in May, the lowest number of data breaches reported in a single month in more than 4 years.

Marti Arvin, Adam Greene and Joan Podleski on COVID-19 Disclosure Issues [Podcast]

Marti Arvin joins The Compliance and Ethics Blog podcast with guests as they discuss questions around the coronavirus pandemic about what is and isn’t permissible.

Inside Job at Clinics: Mobile Phone Used for Fraud

David Holtzman, Executive Advisor at CTEK discusses with Healthcare Info Security on the potential risks posed by employees inappropriately using personal devices during COVID-19.

HHS's COVID-19 Response, Recovery Efforts to Be Scrutinized

David Holtzman, Executive Advisor at CynergisTek, contributes this article, which focuses on the HHS’s new strategic plan for its oversight of HHS COVID-19.

The CyberWire Daily Podcast - Episode 1093

Cyberwire’s latest podcast features Caleb Barlow as he discusses if GDPR may have unintended consequences for stopping COVID-19 scammers.

The CyberWire Daily Podcast - Episode 1085

Cyberwire’s latest podcast features Caleb Barlow as he discusses Alan Brunacini’s concept of an Incident Action Plan.

What To Do When Vendors Fail

David Holtzman Executive Advisor at CynergisTek contributes this article, which focuses on how healthcare providers deal with the security of their vendors, as well as HIPAA requirements/suggestions.

Return to Home

Insights Center

Sentara Hospitals' HIPAA Settlement: Why $2.2 Million?

Previous Article

Next Article