The Department of Health and Human Services’ Office for Civil Rights announced a settlement with Heritage Valley Health System concerning potential violations of the Health Insurance Portability and Accountability Act security rule following a ransomware attack, the agency said Monday.
An investigation revealed the health system’s failures to conduct a compliant risk analysis to determine the potential risks and vulnerabilities to electronic protected health information in its systems, implement a contingency plan to respond to emergencies, and implement policies and procedures to allow only authorized users access to electronic protected health information.
The health system, which provides care in ...
Learn more about Bloomberg Law or Log In to keep reading:
See Breaking News in Context
Bloomberg Law provides trusted coverage of current events enhanced with legal analysis.
Already a subscriber?
Log in to keep reading or access research tools and resources.