Here’s today’s reminder that it’s not just HHS OCR that entities need to be concerned about in terms of enforcement of data security requirements for health data. ASRC Federal Data Solutions LLC (AFDS), headquartered in Reston, Virginia, has agreed to resolve False Claims Act allegations in connection with a government contract related to its storage…
Category: Subcontractor
Revenue Cycle Vendor Notifying 400,000 Patients of Hack
Marianne Kolbasuk McGee reports: A Texas-based healthcare revenue cycle management firm is notifying nearly 400,000 individuals of a hacking incident that it says originated with another third party. The incident is among a growing list of major health data breaches implicating vendors and affecting tens of millions of patients so far this year. Gryphon Healthcare…
ADT Says Outside Party Obtained Employee Data in Cybersecurity Incident
Connor Hart reports: ADT is working with third-party cybersecurity experts and federal law enforcement to address an incident in which an outside party had illegally accessed its network, obtaining encrypted employee data. The Boca Raton, Fla., home-security company on Monday said that the outside party, which it called an unauthorized actor, was able to access…
Alaska Corrections contractor denies ACLU claim of ‘massive’ prisoner health data breach
Sage Smiley reports: The American Civil Liberties Union of Alaska said that it uncovered a “massive” violation of medical privacy laws by a software company used by the Alaska Department of Corrections. But the software company at the center of the complaint claims that’s “false and misleading,” and that there was no breach of data…
600,000 Prison Inmates to Share in $6.49M Breach Settlement
Marianne Kolbasuk McGee A misconfigured web server and the exposure of sensitive information for nearly 600,000 prison inmates in 2022 will cost medical claims processing company CorrectCare $6.49 million to settle a consolidated proposed class action lawsuit, according to court records. The incident affected inmates who received medical care between January 2012 and July 2022…
AT&T ordered to pay $13M settlement in latest setback for company
Paulina Okunytė reports: After allegedly paying nearly $400,000 for a ransom in May, AT&T is reaching for its wallet again. This time, it’s to settle a cloud breach investigation led by the FCC. In a press release on September 17th, 2024, the Federal Communications Commission (FCC) announced a $13 million settlement with AT&T to resolve…