Chat with us, powered by LiveChat

HHS Settles With Affinity Health Plan Inc. In Photocopier Breach Case

Affinity Health Plan, Inc., a not for profit, will settle prospective violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules for $1,215,780 with the U.S. Department of Health and Human Services. HIPAA covered entities, like Affinity, are require to report to Health and Human Services when protected health information has been disclosed.

CBS evening news did an investigatory report in which they purchased photocopiers that had previously been leased by Affinity. In so doing CBS found that confidential medical information had never been erased from the hard drive. Affinity filed a breach report after CBS informed them of the medical information found on the hard drives.

Affinity revealed without consent protected health information of an estimated 344,579 individuals when it returned multiple photocopiers to leasing agents before confidential customer information had been removed from hard drive.

Affinity has an agreement of a settlement of $1,215,780, to take precautions to guard electronic protected health information, and to attempt to recover all hard drives that were used on the leased photocopiers. You can read more about the agreement here.

Make sure that your data is secure and that you mitigate as much risk as possible by engaging with HIPAA One.