How To Avoid A HIPAA Breach from Your Photocopier

If your practice leases photocopy machines, you need to be aware that a copier hard drive may contain your patients’ protected health information (“PHI”).  It is imperative that practices recognize that a photocopier stores  electronic PHI, and not unwittingly upgrade photocopier machine without first clearing the hard drive of all protected health information.

Affinity Health Plan, Inc. had to learn this lesson the hard way, and it was a lesson that many other practices should heed.  The U.S. Department for Health & Human Service, Office of Civil Rights’, “investigation indicated that Affinity impermissibly disclosed the protected health information of up to 344,579 individuals when it returned multiple photocopiers to a leasing agent without erasing the data contained on the copier hard drives.  In addition, the investigation revealed that Affinity failed to incorporate the electronic protected health information stored in copier’s hard drives in its analysis of risks and vulnerabilities as required by the Security Rule, and failed to implement policies and procedures when returning the hard drives to its leasing agents.”  The full synopsis, Resolution Agreement, and press release can be read here.

Affinity Health Plan, Inc. learned the hard way.  Not only did it harm its reputation, but it also had to pay HHS $1,215,780.00 for its data breach.  Healthcare providers must be extremely cautious with regard to ePHI and must be steadfast in safeguarding PHI.  Otherwise, you may face disastrous penalties.

Tell us how you prepared for the HITECH Act and Final Rule to avoid breaches?   Share your ideas with us by clicking on the comment button below.  We’d love to hear from you.

Get “News You Can Use” delivered directly to your e-mail inbox. Click here to Subscribe.

Related Posts


Recent Posts

Happy Thanksgiving from Rickard & Associates!
November 24, 2022
Protect Your Practice Against Telemedicine Fraud
November 22, 2022
Do I Need an Estate Plan?
November 17, 2022
Ready for an Audit?
November 15, 2022
What’s Wrong with Using an Online Will?
November 10, 2022


Enter your email to subscribe now and receive your FREE HIPAA Risk Assessment book!

An essential tool for all healthcare providers, Easy Guide to HIPAA Risk Assessments breaks down the requirements of HIPAA so you can successfully complete your required risk assessment.


Get it now for FREE (an $8.99 value!)

One more step! Please check your email to confirm your subscription and receive your FREE book!