HHS Settles with California Healthcare Provider Over HIPAA Violations
WASHINGTON, D.C. — The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), has reached a settlement with Vision Upright MRI, a California-based healthcare provider specializing in magnetic resonance imaging (MRI) services, following potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Breach Notification and Security Rules. The settlement resolves an investigation into a data breach involving an unsecured server that exposed the medical images of 21,778 individuals. Background on HIPAA Rules HIPAA’s Privacy, Security, and Breach Notification Rules require covered entities (healthcare providers, health plans, and clearinghouses) and their business associates to safeguard protected health information (PHI). Key provisions include: Risk Analysis Requirement – Organizations must assess potential [...]