• $1.5 Million Settlement with U.S. Department of Health and Human Services for Alleged Privacy and Security Rule Violations is Yet Another Reminder to Develop HIPAA Compliance Procedures
  • March 26, 2012
  • Law Firm: Butzel Long A Professional Corporation - Detroit Office
  • In the first of its kind, on March 13, 2012, the Department of Health & Human Service (“HHS”) announced the settlement of a HIPAA large breach case (affecting over 500 individuals) with Blue Cross Blue Shield of Tennessee (“BCBST”) for a record $1.5 Million. The settlement was the result of BCBST’s self-disclosure of a potential HIPAA violation under the newly promulgated Health Information Technology for Economic and Clinical Health (“HITECH”) Act Breach Notification Rules, and represents the maximum civil monetary penalty (“CMP”) that may be imposed in a single calendar year for all identical violations of the HIPAA rules.