News & Analysis as of

HIPAA Violation Results in $4.8 Million Settlement

While most healthcare providers know to pay close attention to the HIPAA rules when setting up their information technology systems, recent events have demonstrated that this close scrutiny should also be applied to computer...more

Florida Federal Judge Approves Settlement Agreement Providing Payments to All Victims of Data Breach, Even Those Who Suffered No...

On February 28, 2014, in Resnick et al. v. AvMed Inc., a Florida federal judge gave final approval to a groundbreaking settlement agreement in a data breach class action lawsuit. The settlement for the first time provides...more

“Cha-Ching” – HIPAA Settlement Reaches New Heights and Signals More To Come

In the largest HIPAA enforcement action to date, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) extracted $4.8 million from two leading New York institutions, New York-Presbyterian Hospital...more

No Harm, Still Foul? Florida Court Approves Data-Breach Class Action Settlement

Data-breach class action suits may have just gained significant traction. On Feb. 28, 2014, the U.S. District Court for the Southern District of Florida approved a first of its kind class action data breach settlement that...more

Unique Data Breach Settlement – A Sign Of Things To Come?

A judge in the United States District Court for the Southern District of Florida has approved a $3 million data breach class action settlement agreement between AvMed, Inc. and plaintiffs. The settlement arises out of a...more

Dermatology Practice Agrees to Settlement in Connection with HIPAA Breach

A Massachusetts-based dermatology practice recently agreed to pay $150,000 to settle claims that it failed to have sufficient policies and procedures in place to address a breach notification requirement under the HITECH Act....more

Accretive Health Data Breach Leads To Twenty-Year Settlement With The FTC

On December 31, 2013, the Federal Trade Commission ("FTC") announced that Accretive Health, Inc., ("Accretive") agreed to settle charges that the company's inadequate data security measures exposed sensitive consumer...more

HHS Announces First HIPAA Settlement Based on Lack of Breach Notification Policies and Procedures

The Department of Health and Human Services (HHS) recently announced the first settlement under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) based on violations of the law's privacy, security,...more

Little Harm, Big Damages: AvMed Settlement Could Change the Landscape for Privacy Breach Class Actions

On October 21, Florida-based health insurer AvMed, Inc. (AvMed) settled a data breach class action lawsuit for $3 million, even though no plaintiffs in the class demonstrated that they had suffered identity theft or any other...more

Vermont Grocery Store Agrees to Settlement with Attorney General for Alleged Violation of State Data Breach Response Laws

Natural Provisions, Inc., a Vermont health foods grocery chain, agreed to pay $30,000 to settle claims brought by the Vermont attorney general that it failed to notify consumers and the attorney general within the statutory...more

Settlement Emphasizes the Need for HIPAA Risk Management

A HIPAA violation involving a health plan’s failure to erase protected health information from photocopier hard drives has resulted in a $1.2 million settlement. Your risk can be significantly reduced if you adopt and...more

Health Plan Agrees To $1.2 Million Settlement For Photocopier HIPAA Security Breach

The Department of Health and Human Services (HHS) announced a settlement on August 14, 2013, with Affinity Health Plan (Affinity), a not-for-profit managed care plan, which included a payment of $1,215,780, for a HIPAA...more

$1.2 Million Settlement Agreement Announced for HIPAA Charges Involving Leased Photocopiers

The Department of Health and Human Services announced on August 14, 2013, that it entered into a settlement agreement with Affinity Health Plan, Inc. (Affinity) resolving allegations that Affinity violated the Health...more

Health plan pays for failing to erase data on leased equipment: two takeaways for companies handling electronic PHI

The Office for Civil Rights (OCR) has announced a settlement between the US Department of Health and Human Services and Affinity Health Plan, Inc. to address potential violations of the Health Insurance Portability and...more

Hiding in plain sight: Failure to scrub patient data from digital copiers returned to leasing company results in $1.2 million...

We’ve sounded warnings about the lowly copy machine before. The proliferation of digital devices in the workplace means that data security must extend beyond computer networks and laptops. Seemingly old fashioned equipment,...more

WellPoint, Inc. Reaches $1.7 Million Dollar HIPAA Settlement Continuing the 2012 Trend of Heavy Fines

On July 11, 2013, the U.S. Department of Health and Human Services (HHS) announced that it had reached a $1.7 million dollar resolution agreement with insurer WellPoint Inc., following a security breach that left the personal...more

HIPAA security violations result in $1.7 million settlement

On July 8, 2013, WellPoint, Inc., a managed care company (“WellPoint”), agreed to pay a $1.7 million fine to settle a self-reported breach of HIPAA, a key federal health privacy law, that led to the unauthorized disclosure of...more

In $1.7M WellPoint Settlement, HHS Warns Covered Entities on Change Management

On July 8, 2013, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) entered into a $1.7 million resolution agreement with WellPoint over a 2009-2010 security breach....more

FTC Approves Order Settling Data Breach Charges

On May 3, the FTC approved a final order settling charges against a California-based cord blood bank firm alleged to have violated the FTC Act by failing to use reasonable and appropriate procedures for handling customers’...more

FTC Fines Path Mobile Social Networking App $800,000 for Privacy Breaches

The developer of the popular Path social networking app for mobile devices has agreed to settle Federal Trade Commission charges that it deceived users by collecting their personal information without their consent. As part...more

U.S. Department of Health and Human Services Announces First HIPAA Breach Settlement Involving Fewer than 500 Patients

On January 2, 2013, the U.S. Department of Health and Human Services ("HHS") settled its first case involving the unauthorized disclosure of the electronic protected health information ("ePHI") of fewer than 500 individuals....more

OCR'S Breach Settlement: The First Ever Involving Less Than 500 Patients

The HHS Office for Civil Rights (OCR) started 2013 with a bang by announcing that it had reached "the first settlement involving a breach of unprotected electronic protected health information (ePHI) affecting fewer than 500...more

Health Law Alert: Deficient Data Security On Mobile Devices Leads To First HIPAA Breach Settlement Involving Less Than 500...

On January 2, 2013, the U.S Department of Health and Human Services, Office of Civil Rights (OCR) announced its first HIPAA breach settlement involving less than 500 patients. OCR took action against a hospice provider in...more

First HHS OCR Settlement for HIPAA Breach Involving Less Than 500 Patients Sends Message to Providers

On January 2, 2013, HHS announced that the Hospice of North Idaho (HONI) agreed to pay $50,000 and enter into a Corrective Action Plan (CAP) as part of a settlement involving a breach of unsecured electronic protected health...more

Health Law Update — January 10, 2013

In This Issue: - Healthcare Provisions in the American Taxpayer Relief Act - the Good, the Bad and the Ugly - American Taxpayer Relief Act Amends Overpayment Recovery Time Limits - OIG Advisory Opinion Sheds...more

32 Results
|
View per page
Page: of 2