Athens Orthopedic pays $1.5M to settle HIPAA allegations

Laura Dyrda -   Print  |

A Georgia-based orthopedic group agreed to settle systemic HIPAA noncompliance allegations and will pay $1.5 million in addition to adopting a corrective action plan, according to a Sept. 21 announcement.

Athens (Ga.) Orthopedic learned their database of patient records was posted online for sale on June 26, 2016; the hacker contacted the orthopedic group asking for payment in exchange for the copy of its stolen database two days later. The hackers accessed the practice's EHR through a vendor's credentials and continued to access protected health information through July 16. Athens Orthopedic eventually reported to the ORC that 208,557 individuals were affected by the breach.

An ORC investigation revealed longstanding, system non-compliance, according to an agency report. 

More articles on specialty practice:
3 ASC developments worth over $10M
7 critical steps for financial success in your ASC
10 most common procedures in ASCs

© Copyright ASC COMMUNICATIONS 2021. Interested in LINKING to or REPRINTING this content? View our policies here.

Featured Webinars

Featured Whitepapers