Idaho State University is paying a $400,000 fine to the federal government to settle allegations it improperly exposed confidential medical records.
On Aug. 9, 2011, ISU told the U.S. Department of Health and Human Services of a breach of its unsecured electronic protected health information.
A subsequent investigation by the federal agency determined the school in Pocatello hadn’t adequately assessed potential risks to medical information shielded from release by the federal law known as the Health Insurance Portability and Accountability Act, or HIPAA.
As part of the agreement this month, Idaho State won’t contest the amount of the payment.
Want to publish your own articles on DistilINFO Publications?
Send us an email, we will get in touch with you.
The school has also agreed to take protective measures, to ensure that a future release of student medical information doesn’t occur.
ISU also has to submit reports, to show it’s in compliance.
Date: May 22, 2013