Paubox blog: HIPAA compliant email made easy

Presence Health receives 475K fine for security breach

Written by Evan Fitzgerald | January 11, 2017

 Presence Health has agreed to pay a settlement of $475,000 for an untimely reporting of a breach of unsecured protected health information. Presence Health is one of the largest behavioral health service networks in Illinois with more than 11 hospitals, 27 long-term care and senior living facilities.

On October 22, 2013 Presence Health discovered that operating room schedules containing PHI of 836 individuals went missing from Presence Surgery Center at the Presence St. Joseph Medical Center in Joliet, Illinois. The information consisted of the affected individuals names, dates of birth, medical record numbers, dates of procedures, types of procedures, surgeon names, and types of anesthesia. Presence Health did not report this breach until January 31, 2014 which is past the 60 day HHS requirement for reporting breaches. Presence Health has agreed to implement a corrective action plan to include the following:

  • Explicitly stating roles and responsibilities when handling PHI
  • Breaches of more than 500 individuals should be reported to appropriate media outlets.
  • Prepare notifications to individuals whose unsecured PHI has been compromised.
  • Employees participate in training regarding securely handling PHI.

 

Try Paubox Email Suite for FREE today.