How to Avoid Paying $2 Million for Losing A Laptop?

Losing a Laptop can cost you $2 Million dollars.  Why?

The laptop had health information on it.  

“Two entities have paid the U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) $1,975,220 collectively to resolve potential violations of the Health Insurance Portability and Accountability Act (“HIPAA”) Privacy and Security Rules.  These major enforcement actions underscore the significant risk to the security of patient information posed by unencrypted laptop computers and other mobile devices.” Article.

The settlements underscore the importance of properly protecting devices with electronic PHI. 

As an example, the following detail the facts of each case:

1.  Concentra Health Services reported that an unencrypted laptop was stolen.  The investigation revealed that Concentra had previously recognized in multiple risk analyses that a lack of encryption on its laptops, desktop computers, medical equipment, tablets and other devices containing electronic protected health information (ePHI) was a critical risk.  While steps were taken to begin encryption, Concentra’s efforts were incomplete and inconsistent over time leaving patient information vulnerable.

Concentra has agreed to pay OCR $1,725,220 to settle potential violation.

2.  In February 2012, a report was received from QCA Health Plan, Inc. of Arkansas reporting that an unencrypted laptop computer containing the health information of 148 individuals was stolen from an employee’s car.  While QCA encrypted their devices following discovery of the breach, they failed to comply the HIPAA Privacy and Security Rules.

QCA agreed to a $250,000 settlement

HIPAA obligations are not new.  Healthcare providers should be up to date on the requirements.  Moreover, healthcare providers should be encrypting their devices to protect against a potential breach.

If you or your entity needs assistance with the intricacies of protecting and safeguarding health information, please do not hesitate to contact our office – we can help.  For assistance CLICK HERE.

Get “News You Can Use” delivered directly to your e-mail inbox. Click here to Subscribe.


Related Posts


Recent Posts

Breaking: New Self-Disclosure Policy
March 21, 2023
What is a Power of Attorney?
March 16, 2023
Can Your EHR Template Land You in Prison?
March 14, 2023
What Happens When You Don’t Fund Your Trust?
March 9, 2023
What is the Cost of a Data Breach?
March 7, 2023


Enter your email to subscribe now and receive your FREE HIPAA Risk Assessment book!

An essential tool for all healthcare providers, Easy Guide to HIPAA Risk Assessments breaks down the requirements of HIPAA so you can successfully complete your required risk assessment.


Get it now for FREE (an $8.99 value!)

One more step! Please check your email to confirm your subscription and receive your FREE book!