Skip to main content
close search
site logo
Dive Brief

Hospital fined $218K for repeated HIPAA violations

Published July 14, 2015
By
Julie Henry Contributing Editor

Dive Brief:

  • St. Elizabeth's Medical Center in Brighton, MA, has been fined $218,000 for alleged HIPAA violations.
  • The settlement was a result of three separate sucurity breaches between 2012 and 2014.
  • The most recent breach was attributed to an unsecure file-sharing app. The other two resulted from personal health information (PHI) being stored on a former-employee's computer and failure to shred paper billing records that included patient data.

Dive Insight:

Hospitals that are using file-sharing apps to store PHI may want to re-evaluate their privacy and security policies. "Organizations must pay particular attention to HIPAA's requirements when using Internet-based document sharing applications, "Jocelyn Samuels, Office for Civil Rights (OCR) director, said in a July 10 statement. "In order to reduce potential risks and vulnerabilities, all workforce members must follow all policies and procedures, and entities must ensure that incidents are reported and mitigated in a timely manner."

As of now, the OCR has levied almost $26.4 million for HIPAA privacy, security and breach notification violations. The largest settlement was $4.8 million.

Recommended Reading

Filed Under: Health IT

Editors' picks

Company Announcements

View all | Post a press release
Availity® Establishes New Customer Success Organization, Names Bala Sekaran Chief Customer Off…
From Availity
September 16, 2025
Availity logo
Turn.io announces cohort for the 2025 Chat for Health & AI Accelerator
From Turn.io
September 15, 2025
Turn.io logo
Cardinal Digital Marketing to Host Scaling Up: The Healthcare Performance Marketing Summit and…
From Cardinal Digital Marketing
September 16, 2025
Cardinal Digital Marketing logo
NYSORA Launches Comprehensive Educational Solution for Residency Programs
From NYSORA
September 19, 2025
NYSORA logo
Editors' picks
Latest in Health IT
Industry Dive is an Informa TechTarget business.
© 2025 TechTarget, Inc. or its subsidiaries. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.