New York Attorney General Eric Schneiderman and the University of Rochester Medical Center reached a settlement over a patient privacy violation on Dec. 11.
As part of the settlement the medical center agreed to train its workforce on protecting patient health information and pay a $15,000 fine, according to legalnewsonline.
The HIPAA violation occurred when a nurse practitioner switched employers and gave Greater Rochester Neurology, or GRN, a list of over 3,000 URMC patients. GRN then used the list to contact the patients and try to get them to switch health care.
RELATED: Businesses Associated With Hospitals Could Face HIPAA Audits
Although the breech isn’t considered particularly egregious and the fine amount is relatively small, the settlement sets an important precedent for other healthcare facilities.
In 2009, the Health Information Technology for Economic and Clinical Health Act gave state attorney generals the power to enforce HIPAA rules by seeking civil actions against hospitals. Although it is uncommon, healthcare facilities could see more actions brought against them by attorney generals in the future.
