The New Jersey Attorney General’s Office and Division of Consumer Affairs recently announced that two New Jersey-based printing companies, Command Marketing Innovations, LLC (CMI) and Strategic Content Imaging, LLC (SCI), agreed, pursuant to a Consent Order, to pay $130,000 in fines and penalties to settle allegations that they violated the state’s Consumer Fraud Act (CFA) and HIPAA. The basis of the allegations was that in providing mailing and printing services to a New Jersey managed healthcare organization, CMI and SCI failed to safeguard, and improperly disclosed, the personal health information of over 55,000 New Jersey residents.

CMI and SCI stated that the improper disclosures were caused by a technical printing error that resulted in claim numbers, dates of service, provider names, and service descriptions being disclosed. The Division of Consumer Affairs’ investigation found that the technical issue, which occurred in 2016, caused the back page of one member’s personal health information packet to be printed on the front page of another member’s packet. The Attorney General’s announcement made clear that whether or not the alleged violations were intentional, CMI and SCI were still liable under the CFA and HIPAA.

As part of the Consent Order, and in addition to the $130,000 in monetary fines and penalties, SCI and CMI agreed to change some of their business practices and implement safeguards to better protect personal health information. If SCI and CMI fully comply with the Consent Order, $65,000 of the original $130,000 will be forgiven.

Sign up to receive Rivkin Rounds at www.RivkinRounds.com.