Receiver for Out-of-Business HIPAA BA Reaches $100,000 Settlement with HHS | Practical Law
The Department of Health and Human Services (HHS) announced a $100,000 settlement with the court-appointed receiver of an out-of-business company for potential violations of the Privacy Rule under the Health Insurance Portability and Accountability Act (HIPAA). The enforcement action arose after HHS received an anonymous tip that an individual brought medical records obtained from the company to a shredding and recycling facility to sell.