Lack of email security causes $750K fine

Featured image

Share this article

HIPAA violation fines Paubox

The University of Washington Medicine (UWM) has recently agreed to settle charges that it potentially committed HIPAA violations. UWM’s lack of email security resulted in a $750K settlement with the Office of Civil Rights (OCR), part of the Health and Human Services (HHS), as the result of a phishing attack.

The U.S. Department of Health and Human Services Office of Civil Rights (OCR) initiated its investigation of UWM on November 27th, 2013 when it received a breach notification. The breach report detailed that a UWM employee downloaded an email attachment that contained a malicious malware, one of the more common ways email gets hacked.

This malware eventually infected all of UWM’s systems compromising the e-PHI of over 90,000 individuals. Information such as patient names, medical records, billing information, social security number, and demographic identifiers were exposed. The investigation revealed that the attack could have been prevented had UWM and it’s affiliates updated their risk assessment and added safeguards.

Cyber attacks on healthcare systems are not slowing down anytime soon, in fact they will only increase. Healthcare data is too valuable to hackers. Considering that this particular attack originated from an email download, all healthcare organizations must take steps to protect their email systems through technology and training. Not surprisingly healthcare has been slow to adopt robust email encryption and security standards that other industries have already implemented.

Paubox is the only provider of true seamless HIPAA compliant email encryption. Instead of the hassle of using portals, users can just write and send email as normal from any device. Not only does Paubox encrypt and host emails, but Paubox Email Suite also features full malware, virus, spam, and phishing protection.

Try Paubox Email Suite for FREE today.
Author Photo

About the author

Phuong Tran

Phuong Tran is a Carnegie Mellon University-Heinz College graduate with a degree in healthcare policy and management. In his spare time he enjoys discovering new restaurants and playing basketball.

Read more by Phuong Tran

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022