News and Analysis

Women & Infants Hospital of Rhode Island has agreed to pay $150,000 to settle allegations that it failed to protect patient information in a HIPAA breach. The breach occurred in 2012 when 19 unencrypted backup tapes went missing, containing patient names, social security numbers, ultrasound images, and more. The hospital will now be required to maintain an inventory of all unencrypted devices containing protected health information and perform regular security audits.