Connecticut hospital, EMC agree to pay $90,000 as part of a “voluntary compliance assurance” agreement. The incident, involving a stolen unencrypted laptop, affected nearly 9,000 individuals. Both the hospital and EMC have agreed to take a number of corrective actions to improve their HIPAA compliance. The HITECH Act of 2009 gave state attorneys general authority to bring civil actions on behalf of state residents for violations of the HIPAA privacy and security rules. The recent case in Connecticut should put covered entities and business associates on alert about potential state legal action, says independent HIPAA attorney Susan Miller.”]
Source: https://www.healthcareinfosecurity.com/state-fines-hospital-emc-after-breach-a-8669