Lost, unsecured, non-encrypted cell phone costs facility $650k in HIPAA fines

The┬áCatholic Health Care Services (CHCS) of the Archdiocese of Philadelphia, a nonprofit organization, was forced to pay a $650,000 fine. The action resulted after an employee lost a business cell phone containing sensitive information from the network’s nursing home practices. The data included medical and personal information, including in some instances social security numbers. A total of 412 patients protected health information (PHI) spanning 6 nursing homes were compromised. This case is not only amazing for the facts including that type of information on a company cell phone, but even more remarkably that the phone was neither password protected nor encrypted!

Read more about the facts and general HIPAA compliance here.

Leave a Reply

Your email address will not be published. Required fields are marked *