Federal regulators have slapped Norfolk, Va.-based Sentara Hospitals with a $2.2 million HIPAA settlement for improperly reporting a breach and lacking a business associate agreement.
In a Nov. 27 statement, the Department of Health and Human Services' Office for Civil Rights says the settlement came in the wake of a 2017 breach tied to mailing errors.
OCR acted after receiving a complaint that alleged Sentara Hospitals had sent a bill to an individual containing another patient's protected health information.
Click here to read the full story.