http://www.healthcareitnews.com/news/stolen-laptops-mean-2m-mega-fines
By Mike Miliard
Managing Editor
Healthcare IT News
April 23, 2014
Serving notice that "covered entities and business associates must
understand that mobile device security is their obligation," the HHS
Office for Civil Rights has settled with two organizations for a combined
$1,975,220 penalty after their unencrypted computers were stolen.
That's a big number. And that's because it's meant to drive home the point
that unencrypted laptops and mobile devices pose significant risks to the
security of patient information, said Susan McAndrew, OCR’s deputy
director of health information privacy.
"Our message to these organizations is simple: Encryption is your best
defense against these incidents," she said.
The biggest of the two settlements was levied against Concentra Health
Services, after OCR opened an investigation following a breach report that
an unencrypted laptop was stolen from one of its facilities, the
Springfield Missouri Physical Therapy Center.
[...]
--
Subscribe to InfoSec News
http://www.infosecnews.org/subscribe-to-infosec-news/
