After multiple HIPAA breaches, the Children’s Medical Center of Dallas has been fined a civil money penalty of $3.2 million, according to the HHS.
The reason for the fine? The hospital issued unencrypted Blackberry devices to nurses until 2013, and unencrypted laptops or tablets to other staff for just as long, in spite of knowing better.
We are understandably wary of HIPAA violations in social media. There are plenty of cases of healthcare workers violating HIPAA on their personal accounts. But I have never found a report of any US hospital receiving a fine for violating HIPAA on a hospital-sponsored social media platform. Am I wrong? Is anyone aware of that happening?