Categories

• Automation
• Compliance
• Consolidation
• Data Protection
• Networking News
• News
• RAID
• Security News
• Sencilo News
• Storage News
• Uncategorized
• Vendor News
• Virtualization

Archived by Date

• September 2010
• August 2010
• July 2010
• June 2010
• May 2010
• April 2010
• March 2010
• February 2010
• January 2010
• December 2009
• November 2009
• October 2009
• September 2009
• June 2009
• May 2009
• April 2009
• March 2009
• February 2009
• January 2009
• December 2008
• November 2008
• October 2008
• September 2008
• August 2008
• July 2008
• June 2008
• May 2008
• April 2008
• March 2008
• February 2008
• January 2008

HHS Fines Rite Aid $1 Million for HIPAA Privacy Rule Violations, Will You Be Next? - July 29, 2010

Orlando Florida -- Rite Aid to Pay $1 Million to Settle HIPAA Privacy Case


Rite Aid Corporation and its 40 affiliated entities have agreed to pay $1 million to settle potential violations of the HIPAA Privacy Rule, HHS announced. Rite Aid, one of the nation's largest drug store chains, agreed to take corrective action to safeguard the privacy of its customers when disposing of identifying information on pill bottle labels and other health information.

Rite Aid came under scrutiny after television reporters videotaped incidents in which pharmacies were shown to have disposed of prescriptions and labeled pill bottles containing individuals' identifiable information in industrial trash containers that were accessible to the public. These incidents were reported as occurring in a variety of cities across the United States. Rite Aid pharmacy stores in several of the cities were highlighted in media reports.

Disposing of individuals' health information in an industrial trash container accessible to unauthorized persons is not compliant with several requirements of the HIPAA Privacy Rule and exposes the individuals' information to the risk of identity theft and other crimes, the HHS noted.

"It is critical that companies, large and small, build a culture of compliance to protect consumers' right to privacy and safeguard health information," said Georgina Verdugo, director of the Office of Civil Rights, the HHS arm that undertook a joint investigation of Rite Aid with the Federal Trade Commission. "We hope that this agreement will spur other health organizations to examine and improve their policies and procedures for protecting patient information during the disposal process."

Among other issues, the reviews by OCR and the FTC demonstrate that:
* Rite Aid failed to implement adequate policies and procedures to appropriately safeguard patient information during the disposal process;
* Rite Aid failed to adequately train employees on how to dispose of such information properly; and
* Rite Aid did not maintain a sanctions policy for members of its workforce who failed to properly dispose of patient information.

Under the HHS resolution agreement, Rite Aid agreed to pay a $1 million resolution amount to HHS and must implement a corrective action program that includes:
* revising and distributing its policies and procedures regarding disposal of protected health information and sanctioning workers who do not follow them;
* training workers on these new requirements;
* conducting internal monitoring; and
* engaging a qualified, independent third-party assessor to conduct compliance reviews and render reports to HHS.

In addition to paying the settlement, Rite Aid signed a consent order with the FTC to settle potential violations of the FTC Act.

The HHS Resolution Agreement and Corrective Action Plan can be found on the OCR website.

OCR has FAQs that address the HIPAA Privacy Rule requirements for disposal of protected health information.

Information about the FTC Consent Order agreement is available at http://www.ftc.gov.

For more information please call (407) 494-4EHR or visit us at: http://www.sencilo.com and let us "Uncomplexify your Information
Tecnology"

Why Sencilo HealthIT Solutions
When it comes to your healthcare computing needs, Sencilo HealthIT Solutions's main objective is to provide a turnkey solution
that can essentially sustain itself. When you choose Sencilo HealthIT Solutions, you don't just gain a vendor who provides you
with technology. You get a business partner who walks with you through every step of the process

Sencilo HealthIT Solutions eHealthcare Architecture: More than technology With Sencilo HealthIT Solutions eHealthcare Architecture, you can leverage the same productivity tools and technology resources that have transformed business. And you get a full portfolio of services too. By working with Sencilo HealthIT Solutions, you can get:

A dedicated customer team
A website customized for your institution
A full portfolio of robust solutions
Easy setup, implementation and maintenance
Simple ordering and delivery
Technology training
Flexible financing options


Sencilo HealthIT Solutions Professional Services makes it easy.

In addition to providing high-quality technology at a low cost, Sencilo HealthIT Solutions Professional
Services can help you plan your healthcare computing from the ground up. By working with you from the initial construction phases, we can help you save time and money and lead to a truly customized solution.

Sencilo HealthIT Solutions Professional Services offers complete services that include:
Design
Procurement
Installation
Training
Maintenance
Support

About Us

Sencilo HealthIT Solutions is a Florida-based integrator specializing in EHR Cost Cutting storage, security and managed services
solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple
manufacturers including Allscripts, VMware, Dell Fujitsu EMC, Hitachi, Symantec, IBM, HP, Cisco, Microsoft, Gateway
Sencilo has offices throughout Florida including: Orlando Lake Mary Daytona, Medical City
solutions include Security "meaningful use" "meaningful usage" EMC HP IBM Quantum Compliance Gartner Magic Quadrant Quadrent LTO
Network Backup appliance Data Recovery Backup Health IT Healthcare IT Digital Hospital Allscripts Patient Data electronic health
record P4P rules and the HITECH Act PayerView Rankings practice management tools $44,000 in Medicare or $66,000 in Medicaid from
the American Recovery and Reinvestment Act eClinicalWorks, Allscripts, NextGen, GE Centricity, and Meditech Electronic Healthcare
IT Medical Records EHR Clinical Practices eClinicalWorks Allscripts Florida EMR, EHR, electronic medical record, health, records,
practice management systems solutions, medication services, PHR Otolaryngology, Orthopaedics, Pain Nuerosurgery, Urology,
Ophthalmology, Cardiology, Billing, Appointment Scheduling, clinicalworks, eClinicalWorks, solutions for physicians, hospitals,
clinical education and medical services Computerized Patient CPR, Order Entry, CPOE, Document Clinical Information Informatics,
Computer-based, SOAP, HIT, Healthcare Encounter Forms, web based, online, clinical rules database, electronic prescribing, e-
prescribing, eprescribing, athenaClinicals, certified EMR, certified EHR, HITECH Act VAR Reseller Dealer hipaa privacy doctor,
healthcare performance management, data security, hosting, arra, free, InterFAX, MyWay, HIPPA, EasyPayMedicare, MedicAID,
SureScripts, FNC, billing, superbill iMedica Tiger on Windows, eprescribe pqri simple practice management revenue cycle e-cw e-
clinicalworks greenway emds nextgen ge sage athena epic klas Dragon NaturallySpeaking speech recognition Google Health, Microsoft Healthvault Health Internet certified "meaningful use" violations HealthPresence Health Presence Sencilo “transformative”
telemedicine medicaid medicare Seminole County Medical Society Orange county Orlando Medical News Trusted Advisor e-Prescription e-Rx CareTracker