Department of Health and Human Services for HIPAA privacy violations should serve as a warning to all healthcare entities, say privacy analysts.
The agency announced on Thursday that it had imposed a civil monetary penalty of $4.3 million on health insurer Cignet Health for violating the Health Insurance Portability and Accountability Act’s privacy provisions. This week’s other enforcement action involved Massachusetts General Hospital, which agreed to pay HHS a total of $1 million to settle potential HIPAA privacy violations.