From: iHealthBeat
In a case involving a security breach of thousands of patients’ personal health data, the Federal Trade Commission has ruled that HIPAA-covered entities also can be subject to security enforcement by the commission, FierceHealthIT reports.
Background on Case
In 2013, FTC filed a complaint against LabMD, a cancer-detection services company, for two privacy breaches in 2008 and 2012 that affected about 10,000 patients (Bowman, FierceHealthIT, 1/28).
In the complaint, FTC wrote that LabMD’s “failure to employ reasonable and appropriate measures to prevent unauthorized access to personal information” violated the agency’s regulations.
Leave a Reply