Theft of USB Flash Drive Results in $1.7 Million HIPAA Security Settlement | Practical Law
On June 26, 2012, the Department of Health and Human Services (HHS) settled its first enforcement action against a state agency under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) for $1.7 million. The settlement also includes a corrective action plan requiring the Alaska Department of Health and Human Services to review, revise and maintain policies and procedures to ensure compliance with the HIPAA security rules.