A small dermatology practice in Concord, Massachusetts has agreed to pay a $150,000 fine for the loss of one USB thumb drive holding 2,200 patients records. The USB thumb drive was stolen from the car of a staffer and has not been recovered.
In addition to the HIPAA fine, the dermatology practice must create a corrective action plan to address compliance deficiencies.
http://www.healthcareinfosecurity.com/clinic-hit-150000-hipaa-penalty-a-6321