OCR Settles Two HIPAA Cases with Public Health Centers in Oregon and Mississippi
Hunton Privacy
JULY 28, 2016
These vulnerabilities included (1) storing electronic protected health information (“ePHI”) on a cloud-based server without entering into a business associate agreement (“BAA”) with the cloud provider; (2) conducting inadequate risk analyses; and (3) failing to implement a mechanism to encrypt and decrypt ePHI.
Let's personalize your content