In a week including several high profile HIPAA breach incidents and settlements, the Department of Health and Human Services announced the biggest one of all: a settlement agreement with Affinity Health Plan stemming from an incident in 2010 when it was discovered that an improperly wiped photocopier compromised the PHI of over 300,000 patients. Affinity and HHS agreed to settle the case for $1,215,780.
What was notable about this particular incident was not necessarily the high settlement figure or even the large number of patients involved, but the bizarre nature of the incident itself. In the period leading up to the incident, the New York-based health plan had been leasing the digital photocopier. After the next user, CBS, purchased the copier from the leasing agent, it discovered hundreds of thousands of patient records that had not been deleted off the hard drive before the end of Affinity’s lease term.
This incident underscores the greater risk that compliance or information officers need to take into account in their risk assessments: the human factor. State-sponsored cyber terrorism might get all of the press headlines, but a healthcare provider is far more susceptible to something as simple as a lost laptop or an improperly wiped digital device. As mentioned in our webinar this past Wednesday, the proliferation of IT and other healthcare digital products is empowering healthcare organizations to deliver better care to their patients. Nevertheless, the loss of patient data through these devices should always be at the forefront of a CIO’s mind.
As with all data breach settlements with HHS, the settlement figure only shows us the tip of the financial iceberg. After taking into account the costs associated with patient notification and credit monitoring services that a covered entity must legally include, the actual cost of this incident is very likely to represent a multiple of the HHS settlement amount.
Krishna Kurapati is the Founder and CEO of QliqSOFT. He has more than two decades of technology entrepreneurship experience. Kurapati started QliqSOFT with the strong desire to solve clinical collaboration and workflow challenges using artificial intelligence (AI)-powered digital technologies across the U.S. healthcare system.
Engaging Patients and Connecting Care Teams Through Interactive Digital ConversationsLearn More
Discover how digital platforms are revolutionizing community health centers (CHCs) by alleviating staff burnout through automated messaging, customizable patient engagement, and care coordination. By leveraging chatbot-based digital automation, CHCs can reduce manual tasks, increase patient satisfaction, close gaps in care, and improve staff work-life balance. These platforms enable secure texting, virtual visits, and efficient communication, ensuring patients receive timely and personalized care while allowing staff to focus on patient needs and streamline workflows.
Discover the significance of conversational AI in healthcare as it replicates natural interactions between humans and machines, offering personalized and interactive patient experiences. Healthcare providers benefit from automating administrative tasks, answering queries, disseminating information, tracking symptoms, and analyzing clinical data. Successful implementation requires prioritization, agility, measurement, expansion, realistic expectations, and choosing a results-oriented partner.
During their search for a full telemedicine solution, FCN leaders discovered that QliqSOFT brought to the table all types of mission-critical digital patient communications. Though hesitant initially, FCN leaders “decided to take a leap of faith,” Rocha said, explaining that “terms like chatbot and AI made people nervous.”