My slides from this presentation, "Compliance Approaches in the Changing HIT Privacy and Security Landscape: How You Can Nurture a Culture of Health Information Security and Privacy" cover HIPAA and HITECH developments and compliance, with a focus on breaches and OCR settlements/penalties, including:
- §Resolution Agreement with Providence Health & Services–July 16, 2008
Settlement: $100,000 - §Resolution Agreement with CVS Pharmacy, Inc.–January 16, 2009
Settlement: $2.25 million - §Resolution Agreement with Rite Aid Corporation–July 27, 2010
Settlement: $1 million - §Resolution Agreement with Management Services Organization Washington, Inc.–December 13, 2010 Settlement: $35,000
- §Civil Money Penalty issued to Cignet Health of Prince George’s County, MD–February 4, 2011
Civil penalty: $4.3 million - §Resolution Agreement with General Hospital Corp. & Massachusetts General Physicians Organization, Inc.–February 14, 2011
Settlement: $1 million