Wednesday, November 26, 2014

BREACH: Xerox and Texas Health and Human Services Commission Dispute Leads to Breach Notification via OSINT-X Newswires

An ongoing legal dispute between the Texas Health and Human Services Commission and its former contractor, Xerox, has led the state agency to report to federal authorities that the business associate was responsible for a data breach affecting 2 million individuals.

The dispute, which arose when the state ended its contract with Xerox, serves as an important reminder of the importance of preparing for the ending of relationships between covered entities and BAs by including specific details about data return or destruction in business associate agreements.

Despite the ongoing nature of the legal battle, the breach already has been added to the Department of Health and Human Services' "wall of shame" tally, which tracks breaches affecting 500 or more individuals since September 2009, when the HIPAA breach notification rule kicked in. The tally now includes 1,167 incidents affecting a total of nearly 41.3 million individuals. Business associates have been involved in approximately 25 percent of those incidents.

No comments:

Post a Comment