Ransomware Attack and HIPAA Violation Penalty

july 26, 2018

E-Medical Record Provider Attacked by Ransomware
Press reports indicate that the cloud services provided by Greenway Health have been impacted by a ransomware attack (click here to see related HealthcareITNews article). Greenway Health is used as an electronic medical record provider under the product name, Intergy by over 10,000 health care providers in the United States. If your practice or facility is using Intergy services, we can assist you in reaching out to Greenway Health to obtain certain assurances regarding your data and platform.

Covered Entity Pays $31,000 for Failing to Obtain Business Associate Agreement
Last week, the U.S. Department of Health and Human Services (HHS) Office of Civil Rights (OCR) agreed to a $31,000 payment from a covered entity as a penalty for failing to have one necessary Business Associate Agreement in place. OCR has fined several covered entities in excess of $1 million for failing to perform a risk analysis and failing to have proper policies and procedures in place to implement HIPAA. In the unlikely event that you do not have appropriate HIPAA business associate agreements and procedures in place, we can assist you in that review.

If you have any questions in regard to the articles above, please feel free to contact the Heyl Royster Healthcare Practice attorneys.