A North Carolina orthopedic clinic reached a $750,000 settlement with the government over allegations that it potentially violated the HIPAA Privacy Rule by giving patient data to a business partner without first signing a business associate agreement (BAA).
The Health and Human Services Office for Civil Rights said that Raleigh Orthopaedic Clinic PA disclosed protected health information (PHI) in the form of X-ray film for roughly 17,300 patients. The X-rays were sent to a third-party vendor that didn’t have a BAA with the clinic, a violation of the HIPAA Privacy Rule.
The settlement was announced April 19 and was the ...
Learn more about Bloomberg Law or Log In to keep reading:
See Breaking News in Context
Bloomberg Law provides trusted coverage of current events enhanced with legal analysis.
Already a subscriber?
Log in to keep reading or access research tools and resources.