AP NEWS
Click to copy
Click to copy

Texas cancer center faces $4.3M fine for data breaches

June 20, 2018

HOUSTON (AP) — Federal health officials have ordered the University of Texas MD Anderson Cancer Center to pay a $4.3 million fine for failing to secure health records stemming from data breaches.

The Houston Chronicle reports the U.S. Department of Health and Human Services announced Monday that MD Anderson’s failure to encrypt health records violated the 1996 patient privacy law known as the Health Insurance Portability and Accountability Act.

The case involves three incidents in 2012 and 2013 when the center’s devices were either stolen or lost, potentially compromising the health records of 35,000 people. The Office of Civil Rights’ investigation into the data breaches found the center didn’t fully encrypt all of its devices during that time.

MD Anderson had alleged the center wasn’t subject to encryption requirements because the health information involved was being used for research.

___

Information from: Houston Chronicle, http://www.houstonchronicle.com

All contents © copyright 2019 The Associated Press. All rights reserved.