Maintaining data security is no longer a when-you-get-to-it project. It’s a critical step that needs to be undertaken now, particularly as the government is formulating a final rule that toughens privacy. That was the take-home message from a session on data privacy at the Medical Group Management Association annual convention, in San Antonio.

Robert Tennant, senior policy advisor at MGMA, laid out the details of a number of enforcement actions taken by HHS against provider organizations with data breaches and access infractions. In one case, Cignet Health Care in Maryland ignored at least 41 patient requests for access to their health records. Cignet eventually was hit with $4.3 million in fines. In another, Massachusetts General Hospital settled for $1 million after a staff member had left a device with patient information on the subway.

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access