Triple-S Management settles $3.5 Million HIPAA fine


HIPAA violation fines Paubox

Another HIPAA violation fine has just been settled. The amount is staggering to say the least. As of today, the Health and Human Services Department (HHS) agreed to a $3.5 million settlement with Triple-S Management Corporation for HIPAA violations.

Triple-S Management Corporation, an insurance holding company based out of San Juan, Puerto Rico offers a variety of insurance products and services through its subsidiaries. These subsidiaries include Triple-Salud Inc., Triple-C Inc., Triple-S Advantage Inc. (aka American Health Medicare Inc.). The large HIPAA fine resulted from an OCR initiated investigation.

The Office of Civil Rights (OCR) investigated Triple-S, after multiple breach notifications involving unsecured PHI. The results of OCR’s investigation was incredibly disturbing. OCR’s investigation showed that Triple-S had rampant and widespread non-compliance issues. The results of the investigations include:

  1. Failure to implement physical, technical, and administrative safeguards to PHIs
  2. Impermissible disclosure of PHI
  3. Use of more PHI than necessary to accomplish tasks
  4. Failure to perform a risk analysis to assess vulnerabilities
  5. Failure to implement security measures to reduce risks and vulnerabilities of PHIs

With the help of OCR, Triple-S has already undertaken the necessary changes that the OCR recommended.  The changes include performing a risk analysis and risk management plan. Evaluating and addressing the environmental or operational conditions that affect the security of the PHIs. Training its workforce on the different aspects of HIPAA. Triple-S hopes that these changes will shore up its vulnerabilities and prevent future incidents.

However, one must ask is it already too late? Many people know that once healthcare data is leaked, it is incredibly difficult to fix and this type of data is extremely valuable on the black market.

Paubox can help your organization meet HIPAA compliance and stay protected with our seamless HIPAA compliant email and more. Visit our homepage to learn more.

Try Paubox Email Suite for FREE today.

About the author

Phuong Tran

Phuong Tran is a Carnegie Mellon University-Heinz College graduate with a degree in healthcare policy and management. In his spare time he enjoys discovering new restaurants and playing basketball.

Read more by Phuong Tran

Get started with
end-to-end protection

Bolster your organization's security with state-of-the-art email encryption and inbound email security.

Highest rated HIPAA compliant messaging solution on G2

EmailEncryption BestMeetsRequirements MeetsRequirements
SecureEmailGateway MostImplementable Total
SecureEmailGateway Leader Leader
SecureEmailGateway EasiestToUse EaseOfUse
SecureEmailGateway EasiestAdmin EaseOfAdmin
SecureEmailGateway BestUsability Total
SecureEmailGateway BestResults Total
SecureEmailGateway BestRelationship Total
EmailEncryption UsersMostLikelyToRecommend Nps
EmailEncryption MomentumLeader Leader