Wilson Technology Group and More

Your One Stop IT and Telecommunications Firm

HIPAA Fine for Lack of Firewall Assessment

Leave a comment

Idaho State University ((ISU) has agreed to pay $400,000 to HHS for violations of the HIPAA Security Rule.  The settlement involves the breach of unsecured EPHI of 17,500 individuals who were patients at an ISU clinic.  OCR opened its investigation after ISU notified HHS that the EPHI of approximately 17,500 individuals was accessible at its Pocatello Family Medicine Clinic because an ISU server firewall was disabled.  OCR investigators found that ISU did not apply proper security measures and policies to address risks to EPHI and did not have in place procedures for routine review of information system activity which could have detected the breach in the firewall much sooner.  Overall, ISU failed to ensure the uniform implementation of required Security Rule Protections at each of its covered clinics.

A key requirement of the compliance regulations, such as HIPAA, HITECH, or PCI DSS, is that organizations must conduct a comprehensive and thorough assessment of the potential risks and vulnerabilities of the confidentiality, integrity, and availability of all sensitive information such as Personally Identifiable Information.

Learn more by going to:  www.wilsontechgroup.com

Find us on:  Facebook; LinkedIn


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s