{"version":"1.0","provider_name":"OTAVA","provider_url":"https:\/\/www.otava.com","title":"Business Associate-Related HIPAA Violation Results in $750,000 Fines","type":"rich","width":600,"height":338,"html":"<blockquote class=\"wp-embedded-content\" data-secret=\"AEZc1HSnYc\"><a href=\"https:\/\/www.otava.com\/blog\/business-associate-related-hipaa-violation-results-in-750000-fines\/\">Business Associate-Related HIPAA Violation Results in $750,000 Fines<\/a><\/blockquote><iframe sandbox=\"allow-scripts\" security=\"restricted\" src=\"https:\/\/www.otava.com\/blog\/business-associate-related-hipaa-violation-results-in-750000-fines\/embed\/#?secret=AEZc1HSnYc\" width=\"600\" height=\"338\" title=\"&#8220;Business Associate-Related HIPAA Violation Results in $750,000 Fines&#8221; &#8212; OTAVA\" data-secret=\"AEZc1HSnYc\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\" class=\"wp-embedded-content\"><\/iframe><script type=\"text\/javascript\">\n\/* <![CDATA[ *\/\n\/*! This file is auto-generated *\/\n!function(d,l){\"use strict\";l.querySelector&&d.addEventListener&&\"undefined\"!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!\/[^a-zA-Z0-9]\/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll('iframe[data-secret=\"'+t.secret+'\"]'),o=l.querySelectorAll('blockquote[data-secret=\"'+t.secret+'\"]'),c=new RegExp(\"^https?:$\",\"i\"),i=0;i<o.length;i++)o[i].style.display=\"none\";for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute(\"style\"),\"height\"===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):\"link\"===t.message&&(r=new URL(s.getAttribute(\"src\")),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener(\"message\",d.wp.receiveEmbedMessage,!1),l.addEventListener(\"DOMContentLoaded\",function(){for(var e,t,s=l.querySelectorAll(\"iframe.wp-embedded-content\"),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute(\"data-secret\"))||(t=Math.random().toString(36).substring(2,12),e.src+=\"#?secret=\"+t,e.setAttribute(\"data-secret\",t)),e.contentWindow.postMessage({message:\"ready\",secret:t},\"*\")},!1)))}(window,document);\n\/\/# sourceURL=https:\/\/www.otava.com\/wp-includes\/js\/wp-embed.min.js\n\/* ]]> *\/\n<\/script>\n","description":"Two years ago, South Shore Hospital of South Weymouth, Massachusetts suffered a data breach when boxes of unencrypted backup tapes went missing while being shipped to their data management business associate, Archive Data Solutions, to be erased. According to HealthcareITNews.com, over 800,000 affected individuals had their personal health information compromised, including names, SSNs, financial account numbers and medical diagnoses. The Attorney General filed suit and finally reached a settlement &#8211; the hospital was fined a $250,000 civil penalty and required to contribute $225,000 to a state fund for protected health information protection awareness. The case stipulates that the hospital never informed their business associate that ePHI (electronic protected health information) was on the tapes, and the hospital also did not do their due diligence to ensure their business associate had the appropriate safeguards in place to protect ePHI. South Shore Hospital was also charged with the failure to sign a business associate agreement with Archive Data. Additionally, the hospital did not have any HIPAA training program in place for its workers. This incident and the resulting fines could have been easily avoided with a bit of forethought and a more in-depth judgement process of their business associates. As I\u2019ve written...","thumbnail_url":"https:\/\/www.otava.com\/wp-content\/uploads\/2019\/04\/hipaa-white-paper.gif"}