Tag: breach

States Strengthen Laws Addressing Health Information Handling and Breach Response

Connecticut and Oregon were recently added to the increasing list of states  adopting stricter laws addressing the handling of health information and penalties in connection with breaches of health information.  Both states amended their respective data security and breach notification laws and they will now levy stricter requirements on entities that store or […]

CareFirst Discloses Data Breach

CareFirst, a Blue Cross Blue Shield plan serving the Washington D.C. metro area, became another in a line of health insurers to suffer a data breach as a result of hackers.  CareFirst and the FBI are examining the breach which potentially compromised 1.1 million customers.  The company reports that although […]

Colorado Pharmacy Reaches HIPAA Settlement with OCR Following Improper Records Disposal

Yesterday, the U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) announced that Cornell Prescription Pharmacy of Denver, Colorado (“Cornell Pharmacy”) has agreed to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).  Cornell Pharmacy, a single location pharmacy, will pay a $125,000 […]

Class Action Following Health Information Data Breach

As we discussed in our previous post, Premera Blue Cross (Premera) recently revealed that it suffered a massive data breach potentially exposing the personal data of 11 million customers.  On Thursday Premera was hit with a proposed class action lawsuit in Washington federal court accusing it of negligence associated with the […]

Another Large Scale Data Breach Announced by Premera Blue Cross

Premera Blue Cross revealed Tuesday it was hit by a sophisticated cyber attack potentially exposing personal data for approximately 11 million of its members including members, employees and others with whom it does business, dating back to as early as 2002.  The insurer said its investigation revealed the initial malware attack occurred on May […]

The Aftermath of the Anthem Breach

On February 4, 2015, Anthem Inc. (“Anthem”) announced a data breach involving the personal information of up to 80 million individuals resulting from what it characterized as a sophisticated, targeted cyber-attack.  According to Anthem, the information involved in the data breach included: names; dates of birth; social security numbers; health care […]

Deadline Approaching for Reporting 2014 HIPAA Breaches

All covered entities that discovered security breaches under the Health Insurance Portability and Accountability Act (“HIPAA”) in 2014 should be aware of an upcoming reporting deadline.  Specifically, breaches that affected fewer than 500 individuals and were discovered in 2014 must be reported to the U.S. Department of Health and Human […]

Alaska Provider Reaches HIPAA Settlement with OCR for Security Deficiencies

On December 8, 2014, the U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) announced that Anchorage Community Mental Health Services (“ACMHS”) has agreed to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).  ACMHS will pay a $150,000 penalty and also enter […]

Beth Israel To Pay $100,000 for Massachusetts Health Information Breach

Beth Israel Deaconess Medical Center (Beth Israel) reached a settlement with the Massachusetts Attorney General’s Office for a data breach in which a physically unsecured laptop was stolen containing personal and protected health information of nearly 4,000 patients and employees.  In May 2012, a physician’s laptop was stolen from his desk at […]

OCR Rep Discusses HIPAA Violations, Enforcement Actions, and Upcoming Audit Program

Last week, the National Institute of Standards and Technology (“NIST”), in conjunction with the U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”), hosted a conference entitled “Safeguarding Health Information: Building Assurance through HIPAA Security.”  Both OCR officials and others within the industry spoke regarding HIPAA developments.  […]