Memorial Hospital pays $5.5M in settlement over potential HIPAA violations

“Memorial Healthcare Systems has agreed to pay a $5.5 million settlement to the U.S. Department of Health and Human Services over potential HIPAA violations. The security breach was discovered when Memorial launched an internal investigation in 2012 after two hospital employees stole patients’ personal information to make money filing phony tax returns, said Kerting Baldwin, […]

Settlement proposed in Home Depot data breach lawsuit

“A proposed settlement was submitted to the court for approval Wednesday which would conclude the data breach lawsuit brought against Home Depot stemming from a 2014 data breach. CUNA, state leagues and a number of credit unions are among the plaintiffs. “Credit unions and their members have unfortunately borne the brunt of lax merchant data […]

Memorial Healthcare Systems to pay $5.5M over potential HIPAA violations

“Memorial Healthcare Systems has paid HHS $5.5 million to settle potential HIPAA violations, HHS disclosed on Thursday. The six-hospital nonprofit system disclosed to HHS’ OCR that 115,143 individuals’ protected health information (PHI) had been impermissibly accessed by employees and impermissibly disclosed to affiliated physician office staff. The settlement comes weeks after Children’s Medical Center of […]

Data Breaches of eCommerce Retailers Cost $172 Per Record

“If your small business hasn’t been “hacked,” it can be difficult to quantify the potential impact of cyber crime. True the impact of a cyber-crime committed against your small business can range from simply annoying to potentially crippling. But in the end, the question remains whether a way exists to measure that impact in dollars […]

Stolen USB Drive Leads to $2.2 Million HIPAA Breach Penalty

“An insurance underwriter paid a $2.2 million HIPAA breach settlement after a USB drive containing the electronic protected health information (ePHI) of more than 2,200 people was stolen from its IT department, federal authorities announced today. As part of the Jan. 11 agreement, MAPFRE Life Insurance Company of Puerto Rico (MAPFRE) also entered into a […]

Foot-Dragging on HIPAA Breach Notice Costs Illinois Health System

“An Illinois health system has reached a $475,000 settlement over allegations it waited too long to report a data breach, the first time the government has settled over untimely breach notifications. Presence Health uncovered a data breach on Oct. 22, 2013 affecting 836 individuals, but didn’t report the breach to affected individuals until Feb. 3, […]

Presence Health agrees to $475,000 settlement over data breach report

Presence Health agreed to pay $475,000 to settle allegations it failed to promptly report a 2013 breach of patient health information. Paper operating room schedules containing information on 836 people went missing from the Surgery Center at Presence St. Joseph Medical Center in Joliet on Oct. 22, 2013, according to information from the U.S. Department […]

6 largest HIPAA settlement fines of 2016

“2016 served as evidence of two looming and growing issues in health IT: data breaches and HIPAA settlements. Not only did the number of data breaches and cyberattacks increase throughout the year, but HHS’ Office for Civil Rights also continued to become more aggressive in enforcing HIPAA regulations. Here are six of the largest HIPAA […]

UMass Will Pay $650,000 to Settle Potential HIPAA Violations

“The University of Massachusetts Amherst (UMass) has agreed to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules stemming from a malware infection back in 2013. The settlement includes a corrective action plan and a monetary payment of $650,000, which is reflective of the fact that […]

Physician offices hit with penalties for HIPAA violations

“Pediatricians in office practices who believe they don’t need to worry about privacy and security investigations related to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) had better think again. HIPAA enforcement has begun exposing all covered entities (e.g., physician offices, clinics, hospitals, etc.) to civil and criminal penalties if proper administrative, technological […]