A breach of patient privacy earlier this year will cost the Arc of Erie County $200,000. The Buffalo-based nonprofit discovered in February that clients’ electronic personal health information was published on its website. While the Arc of Erie County said the website was for internal use only, the exposed ePHI is considered a violation of the Health Insurance Portability and Accountability Act (“HIPAA”). The organization must now provide a risk analysis, evaluate its policies and procedures, and present its findings to the New York attorney general’s office.
In our continuous efforts to deliver a personalized user experience, Cherry Bekaert relies on cookies. By browsing our site, you agree to the use of cookies. For additional details, please refer to our privacy policy.