Rochester University Reaches HIPAA Settlement with AG

The University of Rochester Medical Center will provide additional patient privacy training to employees and pay a $15,000 fine as part of the settlement.

New York Attorney General Eric Schneiderman and the University of Rochester Medical Center reached a settlement over a patient privacy violation on Dec. 11.

As part of the settlement the medical center agreed to train its workforce on protecting patient health information and pay a $15,000 fine, according to legalnewsonline.

The HIPAA violation occurred when a nurse practitioner switched employers and gave Greater Rochester Neurology, or GRN, a list of over 3,000 URMC patients. GRN then used the list to contact the patients and try to get them to switch health care.

RELATED: Businesses Associated With Hospitals Could Face HIPAA Audits

Although the breech isn’t considered particularly egregious and the fine amount is relatively small, the settlement sets an important precedent for other healthcare facilities.

In 2009, the Health Information Technology for Economic and Clinical Health Act gave state attorney generals the power to enforce HIPAA rules by seeking civil actions against hospitals. Although it is uncommon, healthcare facilities could see more actions brought against them by attorney generals in the future.

Read More Articles Like This… With A FREE Subscription

Campus Safety magazine is another great resource for public safety, security and emergency management professionals. It covers all aspects of campus safety, including access control, video surveillance, mass notification and security staff practices. Whether you work in K-12, higher ed, a hospital or corporation, Campus Safety magazine is here to help you do your job better!

Get your free subscription today!

Get Our Newsletters
Campus Safety Online SummitCampus Safety HQ