The HHS Office for Civil Rights has levied a $650,000 fine and a corrective action plan against Catholic Health Care Services, a business associate of the Archdiocese of Philadelphia.

Such enforcement actions, with more than 30 others already imposed across the industry, are done when a HIPAA-covered entity or business associate of a healthcare organization is found to have substantially ignored the HIPAA Security Rule. In this case, OCR in February 2014 received notifications of a breach from each of six nursing homes that Catholic Health Care Services operated.

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access