1 min read

Triple-S Management settles $3.5 Million HIPAA fine

Phuong Tran December 1, 2015

HIPAA compliance
gavel and stack of cash on wooden block

Another HIPAA violation fine has just been settled. The amount is staggering to say the least. As of today, the Health and Human Services Department (HHS) agreed to a $3.5 million settlement with Triple-S Management Corporation for HIPAA violations.

 

Triple-S Management Corporation, an insurance holding company based out of San Juan, Puerto Rico offers a variety of insurance products and services through its subsidiaries. These subsidiaries include Triple-Salud Inc., Triple-C Inc., Triple-S Advantage Inc. (aka American Health Medicare Inc.). The large HIPAA fine resulted from an OCR initiated investigation.

The Office of Civil Rights (OCR) investigated Triple-S, after multiple breach notifications involving unsecured PHI. The results of OCR's investigation was incredibly disturbing. OCR's investigation showed that Triple-S had rampant and widespread non-compliance issues. The results of the investigations include:

  1. Failure to implement physical, technical, and administrative safeguards to PHIs
  2. Impermissible disclosure of PHI
  3. Use of more PHI than necessary to accomplish tasks
  4. Failure to perform a risk analysis to assess vulnerabilities
  5. Failure to implement security measures to reduce risks and vulnerabilities of PHIs

With the help of OCR, Triple-S has already undertaken the necessary changes that the OCR recommended.  The changes include performing a risk analysis and risk management plan. Evaluating and addressing the environmental or operational conditions that affect the security of the PHIs. Training its workforce on the different aspects of HIPAA. Triple-S hopes that these changes will shore up its vulnerabilities and prevent future incidents.

However, one must ask is it already too late?

Many people know that once healthcare data is leaked, it is incredibly difficult to fix and this type of data is extremely valuable on the black market. Paubox can help your organization meet HIPAA compliance and stay protected with our seamless HIPAA compliant email and more. Visit our homepage to learn more.

 

Try Paubox Email Suite for FREE today.
Start for free
Secure every email you send and receive HIPAA compliant. Threat-proof. Hassle-free.
Memorial Healthcare Systems hospital building exterior

Memorial Healthcare Systems fined for lack of audit controls

Evan Fitzgerald : February 17, 2017

Memorial Healthcare Systems has paid the U.S Department of Health and Human Services $5.5 million as a result of violations of the Health Insurance...

HIPAA compliance
Read More
HIPAA logo

HIPAA change to allow reporting of mental health condition to background check system

Phuong Tran : January 13, 2016

Recently the "Department of Health and Human Services has made changes to the HIPAA Privacy Rule to allow certain covered entities to disclose to the...

HIPAA compliance
Read More
Two people working together at a laptop in a modern office

Is Microsoft Office 365 HITRUST certified?

Picture of Hoala Greevy Hoala Greevy : March 4, 2019

We’ve recently been surveying the vendor landscape to see who has HITRUST certification. Founded in 2007, HITRUST Alliance is a not-for-profit...

HIPAA compliance
Read More

Subscribe to Paubox Weekly

Every Friday we bring you the most important news from Paubox. Our aim is to make you smarter, faster.