[ Friday, September 12, 2014 ]
Huntsville, AL Lab Data Breach: A clinical lab in my old hometown of Huntsville, Alabama is notifying patients, since their billing contractor put some of their
data on a server that was accessible to Google searches. They've notified 7,000 patients. Presumably the lab had a business associate agreement with the billing company, and presumably that BAA will require the billing company to pay for the notification.
Is this "willful neglect"? If so, expect a sizeable fine.
Jeff [9:57 AM]
http://www.blogger.com/template-edit.g?blogID=3380636
Blogger: HIPAA Blog - Edit your Template