The University of California at Los Angeles Health System has agreed to pay $865,500 in a settlement regarding potential HIPAA violations, according to a Department of Health and Human Services news release.
The HHS Office for Civil Rights investigated two separate complaints filed on behalf of two high-profile patients who received care at UCLAHS. The investigation showed from 2005 to 2008 unauthorized employees, repeatedly and without legitimate cause, looked at the electronic protected health information of numerous UCLAHS patients, the release said. Entities covered under HIPAA must reasonably restrict access to patients' health information to employees who have valid reasons to view such information.
UCLAHS has also said it will enact an action plan to make sure it complies with all HIPAA privacy and security standards, the release said. The plan includes regular HIPAA training for all UCLAHS employees who look at protected health information, sanctioning for employees who violate policies and assigning an independent third party to assess the health system's HIPAA compliance over a three-year period.
Read the HHS news release on the UCLA Health System HIPAA settlement.
Related Articles on HIPAA:
HHS Awards Contract for Office of Civil Rights' HIPAA Audit Program
HHS Displays Interim Final Rule for HIPAA Transaction Standards
HIPAA May Form Basis for State Law Private Cause of Action
The HHS Office for Civil Rights investigated two separate complaints filed on behalf of two high-profile patients who received care at UCLAHS. The investigation showed from 2005 to 2008 unauthorized employees, repeatedly and without legitimate cause, looked at the electronic protected health information of numerous UCLAHS patients, the release said. Entities covered under HIPAA must reasonably restrict access to patients' health information to employees who have valid reasons to view such information.
UCLAHS has also said it will enact an action plan to make sure it complies with all HIPAA privacy and security standards, the release said. The plan includes regular HIPAA training for all UCLAHS employees who look at protected health information, sanctioning for employees who violate policies and assigning an independent third party to assess the health system's HIPAA compliance over a three-year period.
Read the HHS news release on the UCLA Health System HIPAA settlement.
Related Articles on HIPAA:
HHS Awards Contract for Office of Civil Rights' HIPAA Audit Program
HHS Displays Interim Final Rule for HIPAA Transaction Standards
HIPAA May Form Basis for State Law Private Cause of Action