"[H]ealth plans and their fiduciaries, sponsors and administrators, health care providers, health care clearinghouses and their business associates should review plans, practices and data security as affecting [electronic protected health information (ePHI)] and other protected health information on mobile and other devices. On January 2, 2013, [HHS Office of Civil Rights (OCR)] announced [Hospice of Northern Idaho (HONI)] will pay OCR $50,000 to settle potential HIPAA violations that occurred in connection with the theft of an unencrypted laptop computer containing ePHI. The HONI settlement is the first settlement involving a breach of ePHI affecting fewer than 500 individuals."  MORE >>