Affinity Health Plan to pay more than $1.2 million for HIPAA violations

Affinity Health Plan will pay more than $1.2 million for HIPAA violations, according to the Health and Human Services Office of Civil Rights. A photocopier it previously leased was sold to television network CBS--the CBS Evening News discovered that the copier had protected health information on its hard drive. Affinity estimated that the breach affected 344,579 individuals.

"OCR's investigation indicated that Affinity impermissibly disclosed the protected health information of these affected individuals when it returned multiple photocopiers to leasing agents without erasing the data contained on the copier hard drives," according to the OCR announcement. "In addition, the investigation revealed that Affinity failed to incorporate the electronic protected information stored on photocopier hard drives in its analysis of risks and vulnerabilities as required by the Security Rule, and failed to implement policies and procedures when returning the photocopiers to its leasing agents." Article

Suggested Articles

Nearly 10,000 patients involved in research studies were impacted by a third-party privacy breach that may have exposed their medical diagnoses.

Veterans Health Administration medical facilities currently have a paper medical record backlog that if stacked up would be 5.15 miles high, according to the…

The Department of Health and Human Services announced proposed changes to privacy restrictions on patients' substance use treatment records.