Phoenix IT Support

Phoenix Computer Specialists are your local tech support specialists. Contact Us today for all your “Valley Of The Sun” IT and computer support needs.

Do you have an immediate need?

 Yes No

Enter Word Verification



Just a quick note to say thank you. Over the years you have consistently offered service and suggestions as our business has evolved. You have always had out best interest at heart, and I appreciate your integrity and ability. While emergencies have been rare, your response has been quick and effective. I would highly recommend Phoenix Computer to anyone seeking to outsource their IT needs. You guys are great!

Kathryn Petty
Sir Aubrey's Tea Company, Ltd.
Read more››
Your Phoenix Microsoft Partner

Phoenix Computer Support

Don’t Have an Extra $2 Million Laying Around to Settle a HIPAA Fine? Then Pay Attention to Details and Encrypt Your Mobile Devices!


HIPAA SecurityThe U.S. Department of Health & Human Services Office for Civil Rights has fined two healthcare organizations for potential HIPAA violations resulting from unencrypted stolen laptops. The healthcare organizations received combined fines of nearly $2 million. That’s a fairly huge fine! The OCR is attempting to showcase the importance of mobile device security, however, many healthcare organizations don’t seem to understand how critical it is to secure their mobile devices.

Susan McAndrew, the OCR’s deputy director of health information privacy, explained “our message to these organizations is simple: encryption is your best defense against these incidents.” Does your healthcare organization encrypt all mobile devices? If not, your organization could suffer the same fate if a laptop is lost or stolen.

A HIPAA Breach Leads to More Than Just a Hefty Fine – Your Organization’s Reputation is At Risk!

The two settlements were levied against Concentra Health Services and QCA Health Plan, Inc. Concentra Health Services was fined $1,725,220 because an unencrypted laptop was stolen from the Springfield Missouri Physical Therapy Center, which is one of their many facilities. QCA Health Plan, Inc. was fined $250,000 because an unencrypted laptop was stolen from an employee’s car. The laptop contained personal health information for 148 patients.

While these two organizations are facing hefty fines, their reputations will also be severely damaged as a result of the HIPAA breaches. Keep in mind, your patients are expecting their personal health information to be confidential. And of course, they deserve confidentiality at all times. If you fail to maintain confidentiality, your patients will lose confidence in your organization.

Although Concentra Health Services conducted a few risk analyses documenting the lack of encryption, the organization failed to encrypt all laptops to protect personal health information for their patients. In fact, 163 out of 597 laptops were unencrypted.

QCA Health Plan, Inc. also failed to encrypt laptops, however, mobile devices were encrypted after the breach. The OCR’s investigation discovered that QCA Health Plan, Inc. wasn’t in compliance with multiple HIPAA requirements. In addition to the $250,000 fine, QCA Health Plan, Inc. is required to do the following:

  • Submit an updated risk analysis and risk management plan.
  • Retrain the entire workforce.
  • Document ongoing compliance efforts.

$2 Million in Penalties Could’ve Easily Been Avoided – Pay Attention to Details for HIPAA Compliance!

During the past year, there have been far too many OCR settlements that could’ve easily been avoided. For example, WellPoint’s $1.7 million fine for allowing PHI to be disclosed online or Affinity Health Plan’s  $1.2 million fine for leaving PHI on a photocopier after disposing the equipment.

As a healthcare organization, IT security is absolutely mandatory to achieve HIPAA compliance. Always pay attention to details, such as encryption and proper equipment disposal. Once you’ve conducted a risk analysis, implement appropriate safeguards to mitigate risks.

To learn more about HIPAA compliance, give us a call or send us an email. We can help you implement appropriate safeguards to mitigate risks and prevent HIPAA breaches.

Comments are closed.