https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Master Agents
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
    • Diversity & Inclusion
  • MSSP Insider
  • MSP 501
    • Back
    • Apply Now
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • Videos
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
    • Channel Educational Series
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
    • Channel Convergence
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Content Resources
  • Awards
    • Back
    • 2021 MSP 501
    • Circle of Excellence
    • Excellence in Digital Services
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Master Agents
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
    • Diversity & Inclusion
  • MSSP Insider
  • MSP 501
    • Back
    • Apply Now
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • Videos
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
    • Channel Educational Series
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
    • Channel Convergence
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Content Resources
  • Awards
    • Back
    • 2021 MSP 501
    • Circle of Excellence
    • Excellence in Digital Services
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

Strategy


Phishing Attack Results in 400000 HIPAA Breach Fine

Phishing Attack Results in $400,000 HIPAA Breach Fine

  • Written by Aldrin Brown
  • April 12, 2017
The payment by a Denver-based network of public health clinics marks the first settlement deal since shortly after the federal office responsible for HIPAA enforcement changed leadership in January.

A Denver, Colo.-area network of public health clinics paid a $400,000 HIPAA breach penalty after a phishing attack let a hacker gain access to employee email accounts and obtain electronic protected health information (ePHI) of 3,200 patients, federal authorities said today.    

Metro Community Provider Network (MCPN) – which provides primary medical care, pharmacies, social work, dental and behavioral care to roughly 43,000 mostly poor patients – reported the breach in January of 2012.

Investigators from the U.S. Department of Health and Human Services Office of Civil Rights (OCR) found that MCPN violated the HIPAA Security Rule by failing to do proper risk assessments or implement adequate cybersecurity measures and procedures.

“Specifically, MCPN has failed to conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity and availability of ePHI held by MCPN,” OCR wrote in the official Resolution Agreement. “Further, MCPN has failed to implement security measures sufficient to reduce risks and vulnerabilities to a reasonable and appropriate level.”   

Investigators indicated the financial component of the settlement might have been higher but OCR considered the public benefit of the services provided by the nonprofit.

MCPN is a federally qualified health center (FQHC), which means it receives government reimbursement for treating people with incomes at or below the poverty line.

“With this settlement amount, OCR considered MCPN’s status as a FQHC when balancing the significance of the violation with MCPN’s ability to maintain sufficient financial standing to ensure the provision of ongoing patient care,” OCR said in a statement today.

MCPN must also adhere to a corrective action plan.

The payment marks the first agreement in nearly two months, following three settlements totaling $11.4 million during the first six weeks of 2017.

That pause coincided with the transition in presidential administration and prompted some observers to question whether new OCR Director Roger Severino would continue an enforcement crackdown that began under his predecessor Jocelyn Samuels.

“Patients seeking health care trust that their providers will safeguard and protect their health information,” Severino said in today’s OCR statement. “Compliance with the HIPAA Security Rule helps covered entities meet this important obligation to their patient communities.”

Compliance with the security and privacy rules of the Health Insurance Portability and Accountability Act has become increasingly important to IT services providers working in healthcare.

Though lucrative, the vertical also carries risks for managed service providers (MSPs), who are required to sign business associate agreements (BAAs) which expose them to liability in the event that ePHI is mishandled. 

The MCPN settlement brings to $11.8 million the amount of HIPAA breach payments collected by OCR thus far this year.

Last year, the agency collected a record $23.5 million, up from $6.2 million in all of 2015.

 

Send tips and news to MSPmentorNews@Penton.com.

Tags: Agents Cloud Service Providers MSPs VARs/SIs Strategy

Related


  • Student with laptop
    Lenovo DaaS Touts 'Dramatic Growth' for DaaS, ID's Top Vertical Sales Opportunity
    “The number of seats we manage is into the millions of DaaS customers."
  • Judge and Gavel
    Judge: Charter Must Pay Windstream $19 Million for 'Egregious,' Deceptive Mailer
    The judge said Charter "intentionally and wrongfully" interfered with Windstream's customer contracts and good will.
  • Threats
    10 Ways to Keep Customers Safe with Threat Protection by Year's End
    Cybersecurity vendors share more advice for MSSPs and other channel partners.
  • Business handshake
    Ujet, Peerless Network Enter Master Agent Agreements with PlanetOne, Intelisys
    Ujet’s channel partner program supports strategic business partnerships, master agents and integrators.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Understand Buyer Motivations to Build More Opportunities
  • Mass Microsoft Exchange Exploitation Still Impacting Organizations
  • 'Everybody Was Surprised': 6 Partners React to Rodney Clark Becoming Microsoft's New Channel Chief
  • Agents Voice Concerns, Hopes for Master Agent Consolidation

Galleries

View all

10 Ways to Keep Customers Safe with Threat Protection by Year’s End

April 9, 2021

Industry Perspectives

View all

Why Every MSP Should Consider TCO When Selecting a BCDR Solution

April 9, 2021

6 Ways to Ready Your Customers for 5G Security Challenges

April 5, 2021

Endpoint Security Is Huge in the Merging New World of Work

April 2, 2021

Webinars

View all

Top 3 Intel Security Technologies To Help Against Advanced Cybercrime Attacks

April 15, 2021

What to Look For: 2021 Threat Report

April 22, 2021

Health Care and SD-WAN: A Seller’s Guide

April 27, 2021

White Papers

View all

Top Tips: How Resellers Can Leverage Rackspace to Enhance Customer’s Cyber Security Protection with Microsoft 365 Security

March 30, 2021

Top Tips: Optimize Your Microsoft 365 Investment with Rackspace Technology

March 30, 2021

The Smart Approach to Cloud Workload Placement Decisions

March 19, 2021

Upcoming Events

View all

Channel Partners Conference & Expo

November 1, 2021 - November 4, 2021

MSP Summit

November 1, 2021 - November 2, 2021

Channel Evolution Europe

November 30, 2021 - December 1, 2021

Videos and Fastchats

View all

FASTCHAT: How Fortinet Reduces Complexity Through Networking, Security

Strong Customer Experience Needs Strong Partner Experience

December 22, 2020

Happy Holidays from Channel Partners & Channel Futures!

December 21, 2020

2021 Excellence in Digital Services Awards App Open

December 9, 2020

Twitter

ChannelFutures

"Who could ask for more?? These guys bring an awesome energy and always highlight the need-to-know of the channel..… twitter.com/i/web/status/1…

April 10, 2021
ChannelFutures

Anti-Asian racism, and racism and discrimination of all forms, have zero place in our society. #StopAsianHate and t… twitter.com/i/web/status/1…

April 9, 2021
ChannelFutures

MSSP @inc_renaissance promotes Trish Kapos to channel chief. #cybersecurity dlvr.it/RxLQ6g https://t.co/oWCdHeRqIW

April 9, 2021
ChannelFutures

.@GetSpectrum ordered to pay @Windstream more than $19 million for deceptive mailer. #lawsuit… twitter.com/i/web/status/1…

April 9, 2021
ChannelFutures

.@Percona says channel can help with #opensource solutions and #databases for everything from aspirational to must-… twitter.com/i/web/status/1…

April 9, 2021
ChannelFutures

Our latest #Cybersecurity Roundup features @HuntressLabs on @Microsoft Exchange exploitation, @ptsecurity,… twitter.com/i/web/status/1…

April 9, 2021
ChannelFutures

.@SemperisTech unveils first branded partner program. #cybersecurity dlvr.it/RxH4Bq https://t.co/TVjG8xhGNv

April 8, 2021
ChannelFutures

.@PerchSecurity announces its 2021 MSP Threat Report, calling on MSPs to build a mature cybersecurity practice.… twitter.com/i/web/status/1…

April 8, 2021

MSSP Insider

Business advice for MSSPs and news from the broader security channel.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X