[ISN] Vendor sacked for HIPAA breach blunder

http://www.healthcareitnews.com/news/vendor-sacked-after-HIPAA-breach-blunder By Erin McCann Associate Editor Healthcare IT News May 1, 2014 Can a subcontractor expect to keep the job after accidentally posting protected health information of some 15,000 patients online? A Boston teaching hospital says, ‘definitely not.’ The 496-bed Boston Medical Center in Massachusetts has fired third-party vendor MDF Transcription after hospital officials discovered the company posted health records and demographic data of 15,000 patients to the vendor’s website with no password protection. “As a result, the notes could have potentially been accessed by non-authorized individuals,” BMC spokesperson Jenny Eriksen Leary wrote to Healthcare IT News. When asked how long the information had been posted publicly online, Eriksen Leary said hospital officials are not sure, but they are currently working with MDF to determine that information. The hospital has been working with MDF Transcription for 10 years. […]