Surgery practice fined $100K for posting patient appointments online

After posting patient appointments in an unsecured calendar online, Phoenix (Ariz.) Cardiac Surgery was fined $100,000 by the U.S. Department of Health & Human Services. Leon Rodriguez, director of the Office for Civil Rights, called the case as a multi-year and continuing failure to comply with HIPAA. Additionally, according to HHS, the facility had no documentation of HIPAA training for its employees. "We hope that healthcare providers pay careful attention to this resolution agreement and understand that the HIPAA Privacy and Security Rules have been in place for many years, and OCR expects full compliance no matter the size of a covered entity," Rodriguez said. Announcement

Suggested Articles

The Office for Civil Rights is ramping up its focus on the Right of Access Initiative, which ensures patients timely access to their medical records.

Mount Sinai is launching a diversity and inclusion hub to serve as an incubator for new technology and to help diversify the pipeline in innovation.

CVS Health is joining forces with UPS to test several different applications for drone delivery, including sending products directly to patients.