BIDMC Docked $100K for Data Breach | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

BIDMC Docked $100K for Data Breach

November 24, 2014
by Gabriel Perna
| Reprints

Beth Israel Deaconess Medical Center (BIDMC) in Boston is the latest hospital to pay the piper for a data breach, surrendering $100,000 for an incident that occurred in 2012.

The fine was issued by Massachusetts Attorney General, Martha Coakley and agreed upon by BIDMC. Under the terms of the consent judgment, BIDMC’s fine includes a $70,000 civil penalty, $15,000 for attorney’s fees and costs, and a payment of $15,000 to a fund administered by the AG’s Office for educational programs concerning the protection of personal information and protected health information.

The incident occurred in 2012 occurred when an unauthorized person gained access to a BIDMC physician’s unlocked office on campus and stole an unencrypted personal laptop sitting unattended on a desk. The laptop contained the protected health information of 3,796 patients and employees as well as the personal information of 194 Massachusetts residents, of which 192 were BIDMC employees.

BIDMC CIO, John Halamka spoke to Healthcare Informatics in October of 2012 on another breach that occurred with one of BIDMC’s third-party vendors. He said after that breach, he forced all doctors with mobile devices to get them encrypted. This is acknowledged in the report by Coakley, who says the physician and members of his staff were not following these policies.

“The healthcare industry’s increased reliance on technology makes it more important than ever that providers ensure patients’ personal information and protected health information is secure,” Coakley said in a statement. “To prevent breaches like this from happening, hospitals must put in place and enforce reasonable technological and physical security measures.”

BIDMC is not the first Massachusetts hospital to get fined by Coakley’s office. South Shore Hospital, in Weymouth, paid $750,000 for two incidents that occurred in 2010.

 

Topics

News

Allscripts Touts 1 Billion API Shares in 2017

Officials from Chicago-based health IT vendor Allscripts have attested that the company has reached a new milestone— one billion application programming interface (API) data exchange transactions in 2017.

Dignity Health, CHI Merging to Form New Catholic Health System

Catholic Health Initiatives (CHI), based in Englewood, Colorado, and San Francisco-based Dignity Health officially announced they are merging and have signed a definitive agreement to combine ministries and create a new, nonprofit Catholic health system.

HHS Announces Winning Solutions in Opioid Code-a-Thon

The U.S. Department of Health and Human Services (HHS) hosted this week a first-of-its-kind two-day Code-a-Thon to use data and technology to develop new solutions to address the opioid epidemic.

In GAO Report, More Concern over VA VistA Modernization Project

A recent Government Accountability Office (GAO) report is calling into question the more than $1 billion that has been spent to modernize the Department of Veterans Affairs' (VA) health IT system.

Lawmakers Introduce Legislation Aimed at Improving Medicare ACO Program

U.S. Representatives Peter Welch (D-VT) and Rep. Diane Black (R-TN) have introduced H.R. 4580, the ACO Improvement Act of 2017 that makes changes to the Medicare accountable care organization (ACO) program.

Humana Develops Medication Management Tool

A new tool developed by Humana enables the company’s members to keep a list of their medications in one place.