Nixon Peabody LLP

  • People
  • Capabilities
  • Insights
  • About

Trending Topics

    • People
    • Capabilities
    • Insights
    • About
    • Locations
    • Events
    • Careers
    • Alumni

    Practices

    View All

    • Affordable Housing
    • Community Development Finance
    • Corporate & Finance
    • Cybersecurity & Privacy
    • Environmental
    • Franchising & Distribution
    • Government Investigations & White Collar Defense
    • Healthcare
    • Intellectual Property
    • International Services
    • Labor & Employment
    • Litigation
    • Private Wealth & Advisory
    • Project Finance
    • Public Finance
    • Real Estate
    • Regulatory & Government Relations

    Industries

    View All

    • Cannabis
    • Consumer
    • Energy
    • Entertainment
    • Financial Services
    • Healthcare
    • Higher Education
    • Infrastructure
    • Manufacturing
    • Non Profit
    • Real Estate
    • Technology

    Value-Added Services

    View All

    • Alternative Fee Arrangements

      Developing innovative pricing structures and alternative fee agreement models that deliver additional value for our clients.

    • Continuing Education

      Advancing professional knowledge and offering credits for attorneys, staff and other professionals.

    • Crisis Advisory

      Helping clients respond correctly when a crisis occurs.

    • DEI Strategic Services

      Providing our clients with legal, strategic, and practical advice to make transformational changes in their organizations.

    • eDiscovery

      Leveraging law and technology to deliver sound solutions.

    • Global Services

      Delivering seamless service through partnerships across the globe.

    • Innovation

      Leveraging leading-edge technology to guide change and create seamless, collaborative experiences for clients and attorneys.

    • IPED

      Industry-leading conferences focused on affordable housing, tax credits, and more.

    • Legal Project Management

      Providing actionable information to support strategic decision-making.

    • Legally Green

      Teaming with clients to advance sustainable projects, mitigate the effects of climate change, and protect our planet.

    • Nixon Peabody Trust Company

      Offering a range of investment management and fiduciary services.

    • NP Capital Connector

      Bringing together companies and investors for tomorrow’s new deals.

    • NP Second Opinion

      Offering fresh insights on cases that are delayed, over budget, or off-target from the desired resolution.

    • NP Trial

      Courtroom-ready lawyers who can resolve disputes early on clients’ terms or prevail at trial before a judge or jury.

    • Social Impact

      Creating positive impact in our communities through increasing equity, access, and opportunity.

    1. Home
    2. Insights
    3. Articles
    4. Failure to have business associate agreement in place leads to OCR penalties for Florida physician groupArticles

    Article

    Failure to have business associate agreement in place leads to OCR penalties for Florida physician group

    Jan 2, 2019

    Share

    By Jena Grady

    On December 4, 2018, the Department of Health and Human Services Office for Civil Rights (OCR) announced that Advanced Care Hospitalists PL (ACH) had agreed to pay $500,000 to OCR and adopt a corrective action plan to settle possible violations of the HIPAA Privacy and Security Rules.

    On December 4, 2018, the Department of Health and Human Services Office for Civil Rights (OCR) announced that Advanced Care Hospitalists PL (ACH) had agreed to pay $500,000 to OCR and adopt a corrective action plan to settle possible violations of the HIPAA Privacy and Security Rules.

    ACH provides internal medicine physicians to hospitals and nursing homes. Its physicians serve more than 20,000 patients annually. Between November 2011 and June 2012, ACH obtained billing data processing services from an individual who claimed to represent a third-party billing company named Doctor’s First Choice Billings, Inc. (First Choice). Without knowledge or permission of First Choice, the individual provided medical billing services to ACH using First Choice’s name and website. ACH never entered into a business associate agreement with First Choice or the individual allegedly representing First Choice.

    A local hospital notified ACH on February 11,2014, that patient information was viewable on the First Choice website, including but not limited to social security numbers and clinical information. The website was shut down and removed from internet access on February 12, 2014. ACH filed a breach notification report to OCR on April 11, 2014, and a supplemental breach report thereafter finding that over 9,000 patients could have been affected.

    OCR’s investigation determined that not only did ACH fail to enter into a business associate agreement before disclosing PHI to the individual as required by HIPAA, ACH also failed to have policies in place requiring business associate agreements for sharing of PHI until April 2014. Furthermore, OCR noted that although ACH had been operating since 2005, it failed to conduct a risk analysis as provided by the HIPAA Security Rule until March 4, 2014.

    ACH’s corrective action plan in part requires ACH to annually submit an accounting of ACH’s business associates and copies of the business associate agreements that it maintains, conduct a risk analysis, develop a risk management plan and review and revise its policies and procedures to comply with the HIPAA Privacy, Security and Breach Notification Rules.

    OCR’s press release about this settlement can be found here.

    PrivacyHealth Care And Hipaa

    Subscribe to stay informed of the latest legal news, alerts, and business trends.Subscribe

    • People
    • Capabilities
    • Insights
    • About
    • Locations
    • Events
    • Careers
    • Alumni
    • © 2023 Nixon Peabody. All rights reserved
    • Privacy Policy
    • Terms of Use
    • Statement of Client Rights
    • Supplier Diversity Program
    • Nixon Peabody International LLC
    • PAL