Provided by: Jennifer Kirschenbaum, Esq.
May 28, 2014
It's true; the two behemoth systems were assessed a monster fine for failing to protect a server and allowing general internet access to patient information. This could happen to any practice. Cited in the settlement papers, and highlighted as a justification for the massive fine assessed was the failure to properly assess exposure and address through risk assessment and compliance.