No Business Associate Agreement Leads to 31k Fine

Failure to complete a business associate agreement has once again led to large repercussions for a small medical practice.

The Center for Childrens Digestive Health (CCDH) just paid $31,000 resulting from a HIPAA violation related to business associate agreements. CCDH is a small healthcare provider with seven clinic locations in Illinois.

The U.S. Department of Health and Human Services Office for Civil Rights began a compliance review for the practice in August 2015. The review was initiated to investigate whether CCDH’s disclosure of protected health information (PHI) to Filefax, a third-party vendor that stored paper records was permissible under the HIPAA. The investigation discovered that while CCDH had been working with Filefax since 2003, neither could produce a Business Associate Agreement that dated before October 12th, 2015.

Read more, including the resolution agreement and corrective action plan, at the U.S Department of Health and Human Services website.

Scroll to Top

Download "HIPAA-Secure Smartphones"

You already have all the technology you need to secure smartphones at your company. All you need is some guidance about what really works. In our BYOD Blueprint, I’ll show you simple steps you can take right now to reduce cybersecurity threats from employee smartphones.

To download your copy of “HIPAA-Secure Smartphones”, simply provide your email address below.  A download link will appear shortly after