Dive Brief:
- Two health organizations have agreed to pay HHS' Office of Civil Rights nearly $2 million in settlements collectively over separate data breaches, according to Health IT Security.
- Concentra Health Services, for its part, saw an unencrypted laptop stolen in Fort Worth, Texas. The laptop contained the medical records of more than 900 patients. Concentra also experienced a data breach in Springfield, Missouri in which another unencrypted laptop carrying 870 patient records was stolen.
- Meanwhile, QCA Health Plan in Little Rock, Arkansas had an unencrypted laptop containing the medical records of 148 individuals stolen from an employee's car.
Dive Insight:
Though theft of unencrypted data is surprisingly common, health care administrators don't seem to do enough to see to it that mobile devices' data are encrypted—as evidenced by the recent FBI industry warning. It's not surprising that OCR has run out of patience with institutions that don't protect their data at even this basic level. After all, it's not as though data encryption is an advanced technology that should be beyond the reach of even small health care providers.