A U.S. city will pay the Department of Health and Human Services’ Office for Civil Rights $202,400 for non-compliance. New Haven, Connecticut, didn’t deny access and left confidential health information available to a former employee. The Office for Civil Rights initiated the investigation of the incident in 2017 as soon as the city notified the office. New Haven is to adopt an action plan the part of which is a two-year monitoring to settle the case under HIPAA.
The dismissed employee returned one week after being fired during a trial period. She opened the door with her key, logged in and took all the needed data using a USB flash drive. She also collected paper documents before leaving her former office. The stolen files contained the medical records of about 500 patients. Names, addresses, dates of birth, race/ethnicity and gender were among the leaked details of the individuals who made tests to sexually transmitted diseases.
Moreover, she shared her access rights with an intern who could read and use PHI with the employee’s login credentials. Like this the intern could access the network after the staffer’s dismissal.
New Haven is said to have failed to conduct sufficient and adequate risk management and disregarded staff termination procedures.
Learn more about employee monitoring
SearchInform uses four types of cookies as described below. You can decide which categories of cookies you wish to accept to improve your experience on our website. To learn more about the cookies we use on our site, please read our Cookie Policy.
Always active. These cookies are essential to our website working effectively.
Cookies does not collect personal information. You can disable the cookie files
record
on the Internet Settings tab in your browser.
These cookies allow SearchInform to provide enhanced functionality and personalization, such as remembering the language you choose to interact with the website.
These cookies enable SearchInform to understand what information is the most valuable to you, so we can improve our services and website.
These cookies are created by other resources to allow our website to embed content from other websites, for example, images, ads, and text.
Please enable Functional Cookies
You have disabled the Functional Cookies.
To complete the form and get in touch with us, you need to enable Functional Cookies.
Otherwise the form cannot be sent to us.
Subscribe to our newsletter and receive a bright and useful tutorial Explaining Information Security in 4 steps!
Subscribe to our newsletter and receive case studies in comics!