The Catholic Health Care Services (CHCS) of the Archdiocese of Philadelphia, a nonprofit organization, was forced to pay a $650,000 fine. The action resulted after an employee lost a business cell phone containing sensitive information from the network’s nursing home practices. The data included medical and personal information, including in some instances social security numbers. A total of 412 patients protected health information (PHI) spanning 6 nursing homes were compromised. This case is not only amazing for the facts including that type of information on a company cell phone, but even more remarkably that the phone was neither password protected nor encrypted!

Read more about the facts and general HIPAA compliance here.