OCR Reaches $750,000 Settlement with Univ. of Wash. for HIPAA Violations

The settlement centered around a Security Rule within the Health Insurance Portability and Accountability Act.
Published: January 19, 2016

The University of Washington settled with the Office for Civil Rights for $750,000 after a potential HIPAA violation was investigated.

The university admits no liability as part of the settlement, and the resolution agreement mainly focused on a Security Rule violation, according to Winston.com.

RELATED: Review: Dept. of Veteran’s Affairs, Other Major Providers Violating HIPAA

The university also agreed to a two-year monitoring period with the OCR to implement a risk analysis and risk management plan.

——Article Continues Below——

Get the latest industry news and research delivered directly to your inbox.

The breach, which occurred in Nov. 13, was reported after someone working for the university downloaded malware, which affected a system that contained protected health information.

RELATED: UVA Reaches Title IX Agreement with the Department of Education

OCR’s investigation revealed the university neglected to ensure that it’s “affiliated medical entities” had conducted risk assessments and implemented risk management plans, which is required under HIPAA’s Security Rule.

ADVERTISEMENT
Strategy & Planning Series
Strategy & Planning Series
Strategy & Planning Series
Strategy & Planning Series
Strategy & Planning Series