University of Texas MD Anderson Cancer Center ordered to pay $4.3 million in HIPAA violations
June 19, 2018
March 31, 2020
In the News: A U.S. Department of Health and Human Services Administration Law Judge has ruled that The University of Texas MD Anderson Cancer Center violated the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules and granted summary judgement to the Office for Civil Rights (OCR) on all issues, requiring MD Anderson to pay $4,348,000 in civil penalties. Today’s award is the second summary judgment victory in OCR’s history of HIPAA enforcement, and the $4.3 million is the fourth most substantial amount ever awarded to OCR for HIPAA violations
MD Anderson was investigated for three different breach events that occurred in 2012 and 2013. One incident involved the theft of an unencrypted laptop from the home of an MD Anderson employee, and two involved the loss of unencrypted USB thumb drives containing protected health information of over 33,500 individuals.
The most common use of SecureCircle’s Transparent File Encryption solution is protecting organizations unstructured data from insider threats both malicious and accidental. SecureCircle helps organizations ensure the security, visibility, and control of unstructured data regardless of format or storage location.
- Completely Transparent.
- Always Encrypted
- Always Tracked
- Always Retractable
- Always Portable
Prevent Data Breaches
Let’s discuss your unique cybersecurity challenges and needs.