top of page
Search

Fifth Ransomware is a CMP !

Writer's picture: Alan DavisAlan Davis

The Office of Civil Rights (OCR) announced this week a $240,000 civil monetary penalty (CMP) against Providence Medical Institute (Providence) of California, following a self-reported 2018 ransomware attack against Providence's electronic protected health information that affected 85,000 patients. OCR "...OCR found two potential violations of the HIPAA Security Rule, including failure to have a business associate agreement in place and failure to implement policies and procedures to allow only authorized persons or software programs access to ePHI..."


OCR reports that Providence waived its right to a hearing and did not contest OCR's findings. As such, a CMP was imposed. You can read OCR's Notice of Final Determination by clicking the graphic below.


Stay (HIPAA) safe, Alan -





2 views0 comments

Comments


Experience                   Integrity                        Results

Proteus Consulting, LLC

Hayden, ID, 83835

(208) 215.5607

Copyright © 2013 - 2024 Proteus Consulting, LLC

bottom of page