HIPAA Horror Stories

Contractor’s weak password leads to huge HIPAA breach

one-minute read

Business Associates are the biggest HIPAA Breach vulnerability

Feds investigating a major breach of Fort Wayne, Indiana-based medical records service provider Medical Informatics Engineering (MIE) cited poor password management after computer hackers infiltrated the electronic protected health information (ePHI) of 3.5 million people.

The Office for Civil Rights, the federal agency that investigates HIPAA breaches, also determined MIE had failed to conduct a Comprehensive Risk Analysis prior to the hacking.

HIPAA Breach Investigations Usually Uncover More Violations

Health Insurance Portability and Accountability Act (HIPAA) rules require that all Business Associates and Covered Entities perform an accurate and thorough analysis of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information.

As a contractor serving health care providers, MIE is considered a “Business Associate.” Even though Business Associates do not treat patients, they have access to patient records and, consequently, are required to follow HIPAA rules.

A HIPAA Breach can lead to class action lawsuits

As a result of this HIPAA breach, MIE now faces a class action lawsuit claiming, among other allegations, that the illegal disclosure cost victims many hours filing police reports as a result of fraudulent charges on various accounts.

Victims claim they must pay for identity theft monitoring for the rest of their lives as a result of the MIE breach. The suit claims more than $5 million in damages, affecting more than 100 victims in 19 states.

A HIPAA Breach Doesn’t Have To Happen

If you’re a Business Associate and don’t have an adequate risk management plan in place, The HIPAA E-Tool®  can help.

If you’re a Health Care Provider (a HIPAA Covered Entity) and you’re not sure if the Business Associates who support your work are protecting your patients’ information, The HIPAA E-Tool® can help.

If you are confused about your HIPAA responsibilities, don’t spend another minute worrying. HIPAA compliance is easy — when you know the rules.

The HIPAA E-Tool® makes compliance fast and easy. Get your free HIPAA Quick Start kit, complete with a webcam privacy guard, HIPAA Hot Zone labels and a HIPAA checklist delivered directly to your office.

Don’t become a HIPAA Horror Story! HIPAA compliance is easy, when you know the rules.

Request A Demo

Copyright © 2020 ET&C Group LLC.

The HIPAA E-Tool® and Protecting Patient Privacy is Our Job®
are registered trademarks of ET&C Group LLC

3534 Washington Avenue, Saint Louis, MO 63103
Terms of Service | Privacy Policy

Powered by JEMSU

You may have questions about COVID-19 and HIPAA. We have answers. 

We are open and answering questions about all the new modifications and waivers, coming from HHS, OCR, CMS, and the new CARES act.

If you need help with HIPAA during the COVID-19 pandemic, fill in the form, and we’ll get back to you.

Free hipaa kit!

hipaa compliance Quick start kit
Delivered free