Top 5 Stories


Mass General takes $1 million hit for losing 193 patient records

25 February 2011

Following closely on the heels of its first Health Insurance Portability and Accountability Act (HIPAA) privacy rule fine, the Department of Health and Human Services (HHS) has doled out a $1 million fine against Massachusetts General Hospital for a data breach involving 192 patients begin treated for infectious diseases.

HHS levied the fine on Mass General for a data breach involving the loss of documents containing names and medical record numbers of 192 patients at the hospital’s Infectious Disease Associates practice, as well as billing forms that included names, dates of birth, medical record numbers, health insurers and policy numbers, diagnosis, and names of provider for 66 of those patients. The practice treats patients with HIV/AIDS, as well as other infectious diseases.

According to HHS, the documents, which were not recovered, were left by a Mass General employee on the subway on March 9, 2009.

The HIPAA privacy rule requires health care providers to protect the privacy of patient information through administrative, physical and technical safeguards, HHS said.

In addition, Mass General agreed to take actions to prevent future data breaches, including implementing a set of policies and procedures regarding information that is removed from the hospital’s premises, training personnel on these policies and procedures, and designating the hospital’s director of internal audit services to serve as an internal monitor to assess the hospital’s HIPAA compliance and produce semi-annual compliance reports to HHS for three years.

This article is featured in:
Compliance and Policy  •  Data Loss


Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×