Jul 29 2010
The Wall Street Journal: "Rite Aid Corp. agreed to pay $1 million to settle potential violations of government privacy rules after regulators said it failed to protect customers' and employees' financial and medical information. The drug-store chain's agreement with the Federal Trade Commission requires the company to establish an information-security program and obtain a third-party audit of its compliance to that effect every two years for the next 20 years." The settlement resulted after the FTC investigated reports that Rite Aid used open dumpsters to throw away items such as "pharmacy labels and job applications. Meanwhile, HHS also began investigating the disposal of health information protected under the Health Insurance Portability and Accountability Act, or HIPAA" (Jarzemsky, 7/27).
NPR Shots Blog: "The settlement is the second largest of it's kind -- the largest was a very similar action taken against the chain drug store CVS last year." CVS paid a $2.25 million fine. (Fulton, 7/27).
 This article was reprinted from khn.org with permission from the Henry J. Kaiser Family Foundation. Kaiser Health News, an editorially independent news service, is a program of the Kaiser Family Foundation, a nonpartisan health care policy research organization unaffiliated with Kaiser Permanente.
|