Children’s Pediatric Hospital fined $3.2 million

Featured image

Share this article

Children’s Pediatric Hospital in Dallas, Texas has paid a fine of $3.2 million in accordance to several breaches of the Health Insurance Portability and Accountability Act.

Children’s Hospital is the seventh largest pediatric healthcare provider in the nation. This fine was a result of multiple disclosures of electronic protected health information and failure to comply with HIPAA’s security rule.

Children’s was provided instructions to grant a motion for a hearing, however they denied these instructions and proceeded to settle with the penalty payment.

Children's Pediatric Hospital fined $3.2 million

On January 18, 2010 Children’s reported a breach of HIPAA to the Office of Civil rights due to the loss of a unencrypted Blackberry phone. This device contained ePHI of about 3800 individuals and went missing in the Dallas/Fort Worth International Airport. On July 5th, 2013 reported a separate incident involving an unencrypted laptop that was stolen from Children’s containing ePHI of 2,462 individuals.

Children’s hospital had implemented physical safeguards including security cameras and employee badges to limit and monitor outsider access, however necessary action was not taken to encrypt laptops and other electronic devices containing PHI. In 2007 PwC conducted a risk assessment and recommended that data encryption become a high priority and be put in place by the fourth quarter of 2008. Despite the information and recommendations from their risk assessment Children’s continued using unencrypted devices up through their most 2013 breach.

HIPAA Fines Include:

  • Failure to implement physical safeguards for all workstations that access ePHI to restrict access to unauthorized users.
  • Failure to follow third party security recommendations
  • Failure to implement policies and procedures to govern the removal of electronic devices from the workplace.
Try Paubox Email Suite for FREE today.
Author Photo

About the author

Evan Fitzgerald

Read more by Evan Fitzgerald

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022