Steven A. Porter, MD, came under investigation after his practice filed a breach report involving a business associate. It was discovered Dr. Porter hadn’t conducted a risk analysis during and after the breach and also hadn’t adopted security measures to help prevent future breaches by addressing potential vulnerabilities.
“The failure to implement basic HIPAA requirements, such as an accurate and thorough risk analysis and risk management plan, continues to be an unacceptable and disturbing trend within the healthcare industry,” said Roger Severino, director of the OCR.
Dr. Porter must also follow a corrective action plan with two years of monitoring
More articles on gastroenterology:
State revokes license of pediatric gastroenterologist who sent inappropriate texts to patient
Gastroenterology still an attractive specialty for PE investment: 4 must-read articles
Takeda continues non-core asset sell-off for $825M
