OHSU Pays $2.7 Million HIPAA Fine: Key Takeaways
Posted: July 20, 2016 to Compliance.
Oregon Health and Science University (OHSU) was accused of violating two HIPAA data breaches involving protected health information (PHI). The first breach revolved around a stolen laptop. The second breach occurred when OHSU contracted cloud storage usage without securing a business associate agreement. Although these violations have not yet caused harm to any OHSU patients, the healthcare institution has taken responsibility by agreeing to pay $2.7 million in fines and by implementing a stringent 3-year plan to ensure that the university is following HIPAA standards. In a statement from CIO Bridget Barnes, she states that, “In the face of these challenges, OHSU is proactively working to ensure the creation of a sustainable gold standard for protected health information security and HIPAA compliance.”Protect Your Business Today
Petronella Technology Group has provided cybersecurity, compliance, and managed IT services from Raleigh, NC for over 23 years. Contact us today for a free consultation and technology assessment.
Need help implementing these strategies?
Our cybersecurity experts can assess your environment and build a tailored plan.
Get Free Assessment
