The Importance of Policies

A recent settlement with the US Department of Health and Human Services Office of Civil Rights (OCR) demonstrates the importance of privacy and security policies, even other violations of regulations do not occur.  APDerm, a Massachusetts-based dermatology practice, agreed to pay $150,000 to settle claims that it violated HIPAA and HITECH regulations by failing to have in place breach notification policies and procedures.

OCR began an investigation of APDerm after receiving a report of a lost USB thumb drive that may have included the PHI of up to 2,200 individuals.  Despite uncovering no evidence of actual harm or that PHI had been accessed, and a timely notification to potentially affected individuals, APDerm lacked written policies and procedures regarding the notification rule or to train workforce members, among other alleged HIPAA violations.

Story here

Subscribe and stay updated
Receive our latest blog posts by email.
Ramy Fayed

About Ramy Fayed

Ramy Fayed is a partner in the Health Care Practice Group in Dentons US LLP's Washington, D.C. office. He has been recognized by Super Lawyers, Nightingale's Healthcare News, and Best Lawyers as one of the leading health care lawyers in the US. In his practice, he advises a broad range of health care organizations, including hospitals, academic medical centers and manufacturers of pharmaceuticals and medical devices on compliance with the federal health care program anti-kickback law, the Stark law, the False Claims Act, and Medicare and Medicaid compliance and reimbursement issues.

Full bio