How To Avoid A HIPAA Breach from Your Photocopier

If your practice leases photocopy machines, you need to be aware that a copier hard drive may contain your patients’ protected health information (“PHI”). It is imperative that practices recognize that a photocopier stores electronic PHI, and that they do not unwittingly upgrade a photocopier without first clearing its hard drive of all protected health information.

Affinity Health Plan, Inc. had to learn this lesson the hard way, and it is a lesson that many other practices should heed. The U.S. Department of Health & Human Services, Office for Civil Rights’ “investigation indicated that Affinity impermissibly disclosed the protected health information of up to 344,579 individuals when it returned multiple photocopiers to a leasing agent without erasing the data contained on the copier hard drives. In addition, the investigation revealed that Affinity failed to incorporate the electronic protected health information stored in copier’s hard drives in its analysis of risks and vulnerabilities as required by the Security Rule, and failed to implement policies and procedures when returning the hard drives to its leasing agents.” The full synopsis, Resolution Agreement, and press release can be read here.

Affinity Health Plan, Inc. learned the hard way. Not only did the breach harm its reputation, but Affinity also had to pay HHS $1,215,780.00 for it. Healthcare providers must be extremely cautious with regard to ePHI and must be steadfast in safeguarding PHI. Otherwise, you may face disastrous penalties.

Tell us how you prepared for the HITECH Act and Final Rule to avoid breaches. Share your ideas with us by clicking on the comment button below. We’d love to hear from you.
