logo
Questions? +1 (202) 335-3939 Login
Set Up FREE Account Submit Release
Trusted News Since 1995
A service for healthcare industry professionals · Tuesday, April 23, 2024 · 705,787,400 Articles · 3+ Million Readers
Got News to Share? Send 2 FREE Releases
News Search | All News Topics > Healthcare Reform News Topics: By Country | By State ; Press Releases by Industry Channel > All Healthcare Reform Press Releases

Consequences for HIPAA violations don’t stop when a business closes

A receiver appointed to liquidate the assets of Filefax, Inc. has agreed to pay $ 100,000 out of the receivership estate to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) in order to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule. Filefax, located in Northbrook, Illinois, advertised that it provided for the storage, maintenance, and delivery of medical records for covered entities. Although Filefax shut its doors during the course of OCR’s investigation into alleged HIPAA violations, it could not escape its obligations under the law.

On February 10, 2015, OCR received an anonymous complaint alleging that an individual transported medical records obtained from Filefax to a shredding and recycling facility to sell on February 6 and 9, 2015. OCR opened an investigation, which confirmed that an individual had left medical records of approximately 2,150 patients at the shredding and recycling facility, and that these medical records contained patients’ protected health information (PHI).

OCR’s investigation indicated that between January 28, 2015, and February 14, 2015, Filefax impermissibly disclosed the PHI of 2,150 individuals by leaving the PHI in an unlocked truck in the Filefax parking lot, or by granting permission to an unauthorized person to remove the PHI from Filefax, and leaving the PHI unsecured outside the Filefax facility.

“The careless handling of PHI is never acceptable,” said OCR Director Roger Severino. “Covered entities and business associates need to be aware that OCR is committed to enforcing HIPAA regardless of whether a covered entity is opening its doors or closing them. HIPAA still applies.”

Filefax is no longer in business. In 2016, a court in unrelated litigation appointed a receiver to liquidate its assets for distribution to creditors and others.  In addition to a $100,000 monetary settlement, the receiver has agreed, on behalf of Filefax, to properly store and dispose of remaining medical records found at Filefax’s facility in compliance with HIPAA.

The resolution agreement and corrective action plan may be found on the OCR website at   http://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/agreements/Filefax/index.html.

To learn more about non-discrimination and health information privacy laws, your civil rights, and privacy rights in health care and human service settings, and to find information on filing a complaint, visit us at http://www.hhs.gov/hipaa/index.html.

Follow OCR on Twitter at http://twitter.com/HHSOCR.

Powered by EIN Presswire
Distribution channels: Healthcare & Pharmaceuticals Industry


EIN Presswire does not exercise editorial control over third-party content provided, uploaded, published, or distributed by users of EIN Presswire. We are a distributor, not a publisher, of 3rd party content. Such content may contain the views, opinions, statements, offers, and other material of the respective users, suppliers, participants, or authors.

Submit your press release

Healthcare Reform News Today by EIN Newsdesk & EIN Presswire (a press release distribution service)

Follow us on Facebook & Twitter and connect with us on LinkedIn

Newsmatics Inc., 1025 Connecticut Avenue NW, Suite 1000, Washington, DC 20036 · Contact · About

© 1995-2024 Newsmatics Inc., a publisher of EIN News · All Rights Reserved · Privacy Policy · User Agreement