$150,000 Fine for Lost Thumb Drive

Recently, an unencrypted USB drive (also known as a flash drive, thumb drive) resulted in a $150,000 fine for a dermatology practice.  The device contained protected health information for over 2,200 patients.  Evidently the device was stolen from the vehicle of one of its staff members.  The practice agreed on a settlement for the fine in addition to a corrective action plan to correct HIPAA compliance issues.

How do you back up your practice data? Is a staff member taking it home? Is it stored in their personal vehicle? Is the information encrypted?

Conduct an accurate and thorough HIPAA Data Security Risk Assessment.  Good risk management avoids these costly compliance errors.  To view more information about this data breach, go to www.hhs.gov.

Contact Modern Practice Solutions for your HIPAA Data Risk Assessment today.  (931) 232-7738.