Business Associate Mishandles PHI in $650,000 HIPAA Settlement

Catholic Health Care Services of the Archdiocese of Philadelphia (CHCS) has agreed to pay a $650,000 settlement with corrective action plan for violations of the HIPAA Security Rule. This is the highest fine levied against a business associate in the history of HIPAA enforcement. The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) investigated CHCS after the organization reported the theft of an employee's iPhone [...]