OCR Reaches $750,000 Settlement with Univ. of Wash. for HIPAA Violations

The settlement centered around a Security Rule within the Health Insurance Portability and Accountability Act.

The University of Washington settled with the Office for Civil Rights for $750,000 after a potential HIPAA violation was investigated.

The university admits no liability as part of the settlement, and the resolution agreement mainly focused on a Security Rule violation, according to Winston.com.

RELATED: Review: Dept. of Veteran’s Affairs, Other Major Providers Violating HIPAA

The university also agreed to a two-year monitoring period with the OCR to implement a risk analysis and risk management plan.

The breach, which occurred in Nov. 13, was reported after someone working for the university downloaded malware, which affected a system that contained protected health information.

RELATED: UVA Reaches Title IX Agreement with the Department of Education

OCR’s investigation revealed the university neglected to ensure that it’s “affiliated medical entities” had conducted risk assessments and implemented risk management plans, which is required under HIPAA’s Security Rule.

If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century

This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!

Get Our Newsletters
Campus Safety Conference promo