Those who want to see HHS/OCR come down like a ton of bricks on more entities and impose heavier civil monetary penalties for HIPAA breaches will likely not be happy to learn that HHS has decided to reduce the maximum civil penalties it will impose for the four tiers of violations of HIPAA. Under the…
Category: Breach Incidents
Class-action lawsuit filed against Baystate Health over data breach
Jim Kinney reports that the Baystate Health breach that impacted 12,000 patients has resulted in at least one potential class-action lawsuit. The suit was filed April 11 in U.S. District Court in Springfield, Massachusetts. Lead plaintiff Aleyda Torresis of Springfield, says she is now at heightened risk for identity theft and other cybercrime, according to…
Inmediata Health Group notifies covered entities’ patients after exposure of PHI on web
From their press release: Inmediata Health Group, Corp. (“Inmediata”) recently became aware of a data security incident that may have involved the limited personal and medical information of some of its customers’ patients. Inmediata is directly mailing notification letters to individuals who may have been affected by this incident and to provide resources to assist…
“FTC gives two companies a slap on the wrist after appalling hacks”
A story on ZDNet is headlined, “FTC gives two companies a slap on the wrist after appalling hacks.” That headline may be true as far as it goes, but it’s a bit unfair or misleading, so let’s dive into this a bit more. Catalin Cimpanu reports: The US Federal Trade Commission has agreed to settle…
Greek DPA Issues EUR 30,000 Fine For Data Protection Violation by Hellenic Petroleum S.A.
Hunton Andrews Kurth writes: On April 15, 2019, the Greek Data Protection Authority (“DPA”) fined Hellenic Petroleum S.A. EUR 20,000 for unlawful processing of personal data and EUR 10,000 for failing to adopt appropriate data security measures. Hellenic Petroleum S.A. had engaged a vendor to conduct a study on its behalf. The study was exposed…
Illinois dental insurer notifies members after phishing attack
Delta Dental is the largest dental plan system in the United States, composed of 39 member companies. Today, Delta Dental of Illinois disclosed a security incident affecting an unspecified number of their insured members and dependents. According to the notification signed by their CEO, they recently learned that an employee had fallen prey to a…