CVS to pay $2.25 million for HIPAA violation
Thursday, February 19, 2009
CVS Caremark has been ordered to pay $2.25 million to settle federal charges that its employees threw out sensitive patient information in the trash.
According to the FTC, the nation's largest pharmacy chain lacked proper security procedures for discarding patient data when pharmacy workers threw out pill bottles, medication instruction sheets and computerized order information in 2006.
The personal information of patients was protected under the Health Insurance Portability and Accountability Act (HIPAA).
"This is a case that will restore appropriate privacy protections to tens of millions of people across the country. It also sends a strong message to other organizations that possess consumers' protected personal information. They are required to secure consumers' private information," said William E. Kovacic, chairman of the FTC.
CVS has denied any wrongdoing, but decided to settle to avoid costly litigation fees, SCMagazineus.com reports.
In addition to the payment, CVS's more than 6,300 retail pharmacies must establish procedures for disposing of protected health information, implement a training program, conduct internal monitoring and hire an outside assessor to evaluate compliance for three years, according to the FTC.
Related News:
Password security a tall order for many web users - 1.22.2010
A recently released study from tech researcher Imperva showed that the most popular password among users whose accounts were compromised in the recent RockYou data breach was as follows: 123456.
Facebook fixes "wrong friends list" mobile network security glitch - 1.22.2010
CNET reports that social media network Facebook has repaired a problem in the mobile version of its service that caused some mobile users to have full access to the friends lists of unassociated users.
Automated phishing scam hits bank customers - 1.14.2010
Phishing attacks do not target victims exclusively via email, experts say, pointing to a recent rash of automated phone calls that attempted to convince victims to give up sensitive banking information.
Scammers ride aftershocks of Haiti catastrophe - 1.14.2010
The Federal Bureau of Investigation has issued a warning to those who want to contribute to earthquake relief efforts in Haiti, saying that cyber criminals and other types of scam artists are trying to take advantage of an outpouring of humanitarian support.
Banking Trojans finding new vector with fake Outlook alerts - 1.11.2010
A spurious alert purporting to come from Microsoft Outlook has cropped up in recent weeks, according to a maker of email filtering software.
|
