top of page
Search

Three Year, $950K, Heritage Valley Health System Settlement

Writer's picture: Alan DavisAlan Davis

Today the Office for Civil Rights (OCR) announced a settlement with Heritage Valley Health System (Heritage Valley), which provides care in Pennsylvania, Ohio and West Virginia, "...concerning potential violations of the HIPAA Security Rule..." Heritage Valley was the victim of a ransomware attack.


It stinks to read that criminals were able to compromise Heritage Valley's information services. It double stinks to hear that Heritage Valley reportedly failed to conduct a compliant risk analysis, to implement a contingency plan to respond to emergencies, and implement policies and procedures to allow only authorized users access to electronic protected health information. These are all basic HIPAA requirements and this HHS announcement reads like it's from 2013.


The $950K, three year settlement is only a piece of Heritage Valley's financial woes and we especially feel for their affected clients. Click the graphic below to read the agreement and please contact us if you're not ready to endure an OCR audit.


Stay (HIPAA) safe,

Alan -



4 views0 comments

Comments


Experience                   Integrity                        Results

Proteus Consulting, LLC

Hayden, ID, 83835

(208) 215.5607

Copyright © 2013 - 2024 Proteus Consulting, LLC

bottom of page