The HHS Office of Civil Rights announced earlier this month that a court appointed receiver for Illinois moving and storage company, Filefax, has entered into a resolution agreement and corrective action plan to settle alleged violations of the HIPAA Privacy and Security Rules.  The receiver for Filefax, which went out of business during OCR’s investigation, has agreed to pay $100,000 for alleged mishandling and improper disclosure of medical records containing protected health information for approximately 2,150 patients. OCR Director Roger Severino has pointed to the settlement agreement as a reminder to companies that HIPAA still applies regardless of whether a covered entity is opening or closing its doors.  For more information, please see our Triage Health Law blog post.