Staff blunder leads to HIPAA breach

Penn State Milton S. Hershey hospital is notifying nearly 2,000 patients of a HIPAA breach after an employee accessed and transmitted patients’ protected health data outside of the hospital’s secure information network. The employee accessed patient data via an unsecure USB device through his home network, and also transmitted patient data via personal email. This is the first large HIPAA breach reported by Penn State Hershey. Mayo Clinic emphasizes the importance of employee education in ensuring patient privacy. Over 31.6 million people have had their protected health information compromised in a HIPAA breach. The Office for Civil Rights has levied over $25.1 million in fines for HIPAA violations.