Malware infection results in HIPAA fine for UMASS

Featured image

Share this article

Malware Infection Results in HIPAA Fine for UMASS - Paubox
The University of Massachusetts has agreed to pay a fine of $650,000 to settle a breach under HIPAA regulations. On June 18, 2013 a computer in the university’s Center for Language, Hearing and Speech department was infected by a malware program which lead to the disclosure of protected health information of 1670 individuals.

Under HIPAA regulations, the University elected to be classified as a Hybrid organization. This means they designated which facets of their organization were to be covered as health care components. The center where the breach occurred however, was not designated as a covered health care component and therefore the University did not take the necessary procedures to protect the protected health information. This represents a HIPAA violation.

UMASS has agreed to take part in a full-scale enterprise wide risk analysis and develop a plan of action to implement the necessary safeguards to protect against future breaches. UMASS has also agreed to train their staff best practices in handling protected information.

Summary of HIPAA Violations:

  • Failure to implement the correct policies and procedures to prevent, detect and handle security breaches.
  • Failure to elect all of the components dealing with ePHI as covered health components.
  • Failure to implement physical security safeguards for all of the workstations that have access to PHI.
  • Failure to conduct a thorough risk analysis until September of 2015.
  • Providing access of protected health information of 1670 individuals.

SEE RELATED: Resolution Agreement and Corrective Action Plan (HHS)

Try Paubox Email Suite for FREE today.
Author Photo

About the author

Hoala Greevy

Founder of Paubox. Kayak fishing when I can. Native Hawaiian CEO.

Read more by Hoala Greevy

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022