Careless handling of HIV information jeopardizes patient’s privacy, costs entity $387k

St. Luke’s-Roosevelt Hospital Center Inc. (St. Luke’s) has paid the U.S. Department of Health and Human Services (HHS) $387,200 to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule and agreed to implement a comprehensive corrective action plan. St. Luke’s operates the Institute for Advanced Medicine, formerly Spencer Cox Center for Health (the Spencer Cox Center), which provides comprehensive health services to persons living with HIV or AIDS and other chronic diseases. St. Luke’s is 1 of 7 hospitals that comprise the Mount Sinai Health System (MSHS).

Read the HHS Press Release
Read the Resolution Agreement and Corrective Action Plan

Content created by Office for Civil Rights (OCR)
Content last reviewed May 23, 2017

Careless handling of HIV information jeopardizes patient’s privacy, costs entity $387k

Sign Up for Email Updates