How to Avoid Paying $2 Million for Losing A Laptop?

Losing a Laptop can cost you $2 Million dollars.  Why?

The laptop had health information on it.  

“Two entities have paid the U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) $1,975,220 collectively to resolve potential violations of the Health Insurance Portability and Accountability Act (“HIPAA”) Privacy and Security Rules.  These major enforcement actions underscore the significant risk to the security of patient information posed by unencrypted laptop computers and other mobile devices.” Article.

The settlements underscore the importance of properly protecting devices with electronic PHI. 

As an example, the following detail the facts of each case:

1.  Concentra Health Services reported that an unencrypted laptop was stolen.  The investigation revealed that Concentra had previously recognized in multiple risk analyses that a lack of encryption on its laptops, desktop computers, medical equipment, tablets and other devices containing electronic protected health information (ePHI) was a critical risk.  While steps were taken to begin encryption, Concentra’s efforts were incomplete and inconsistent over time leaving patient information vulnerable.

Concentra has agreed to pay OCR $1,725,220 to settle potential violation.

2.  In February 2012, a report was received from QCA Health Plan, Inc. of Arkansas reporting that an unencrypted laptop computer containing the health information of 148 individuals was stolen from an employee’s car.  While QCA encrypted their devices following discovery of the breach, they failed to comply the HIPAA Privacy and Security Rules.

QCA agreed to a $250,000 settlement

HIPAA obligations are not new.  Healthcare providers should be up to date on the requirements.  Moreover, healthcare providers should be encrypting their devices to protect against a potential breach.

If you or your entity needs assistance with the intricacies of protecting and safeguarding health information, please do not hesitate to contact our office – we can help.  For assistance CLICK HERE.

Get “News You Can Use” delivered directly to your e-mail inbox. Click here to Subscribe.


Related Posts


Recent Posts

Getting Remarried? Here’s What You Need to Know
March 21, 2024
What is the Biggest Threat to Healthcare?
January 30, 2024
How Can I Simplify Estate Planning?
January 11, 2024
I Have a Trust. Now What?
December 7, 2023
Breaking: Corewell Health Breach
December 5, 2023


Subscribe to Our Newsletter

Subscribe and get your FREE copy of Easy Guide to HIPAA Risk Assessments

An essential tool for all healthcare providers, Easy Guide to HIPAA Risk Assessments breaks down the requirements of HIPAA so you can successfully complete your required risk assessment. (an $8.99 value)

Thank you for subscribing to the Rickard & Associates healthcare blog. You'll receive a confirmation email shortly. After verifying your subscription request, you'll be sent to the "Easy Guide to HIPAA Risk Assessments" download page.