Affinity Health Plan to pay more than $1.2 million for HIPAA violations

Affinity Health Plan will pay more than $1.2 million for HIPAA violations, according to the Health and Human Services Office of Civil Rights. A photocopier it previously leased was sold to television network CBS--the CBS Evening News discovered that the copier had protected health information on its hard drive. Affinity estimated that the breach affected 344,579 individuals.

"OCR's investigation indicated that Affinity impermissibly disclosed the protected health information of these affected individuals when it returned multiple photocopiers to leasing agents without erasing the data contained on the copier hard drives," according to the OCR announcement. "In addition, the investigation revealed that Affinity failed to incorporate the electronic protected information stored on photocopier hard drives in its analysis of risks and vulnerabilities as required by the Security Rule, and failed to implement policies and procedures when returning the photocopiers to its leasing agents." Article

Suggested Articles

Mann-Grandstaff VA Medical Center in Spokane, Washington went live with a new Cerner EHR system this weekend, VA's first site for the EHR project.

Health officials in some California counties have cut ties with Verily’s COVID-19 testing sites amid concerns about data collection and privacy.

For providers now offering telemedicine, making sure that their IT infrastructure will safeguard personal health information is critical.