Connecticut AG reaches agreement with Health Net over data breach

Huge Two-Day Clean Sweep Auction July 24-25th. Click Here to Bid!

advertisement
Current Location:
>
> This Story


Log in or Register to rate this News Story
Forward Printable StoryPrint Send us your Comments
advertisement

 

advertisement

 

More Industry Headlines

UnitedHealth Group reported strong second quarter 2019 results, beating expectations Total revenues at $60.6 billion, up eight percent year over year

New technique enables quick AI-based breast cancer diagnoses Relies on synthetic images for training

Konica Minolta and Shimadzu bring Dynamic Digital Radiography to RADspeed Pro at AHRA Able to show the motion of structures in X-ray images

AHRA Product Showcase A few of the solutions that will be on display at the event

The rise of medical device hacking: How strong is your network security? In Q3 of 2018 alone, 4.4 million medical records were compromised

Balancing AI and the human touch with two new approaches Technology shouldn't sacrifice the clinician-patient relationship

Patients like the idea of telemedicine, but what about physicians? New study examines U.S. physician interest in telemedicine

Research shows how hurricanes hinder radiotherapy outcomes Treatment transfers and eliminating out-of-network insurance charges could help

Intuitive acquires Schölly Fiberoptic's robotic endoscope business Enhances supply chain, raises manufacturing capacity for imaging devices

Siemens forms $113 million alliance with UM System and MU Health Care The 10-year partnership will focus on improved care delivery and research

Health Net settles
with Connecticut AG.

Connecticut AG reaches agreement with Health Net over data breach

by Astrid Fiano , DOTmed News Writer
Connecticut Attorney General Richard Blumenthal has announced that his office has reached a settlement with health insurance company Health Net over a failure to secure patient information on almost a half-million state enrollees, and subsequent failure to promptly notify consumers about the breach. The settlement involves Health Net of the Northeast Inc., Health Net of Connecticut Inc., and parent companies UnitedHealth Group Inc. and Oxford Health Plans.

As previously reported in DOTmed, Blumenthal filed a federal suit against the company, alleging that in May of 2009 Health Net learned that a portable computer disk drive containing protected health information (social security numbers and bank account numbers) for the Connecticut enrollees disappeared from the company's Shelton, CT office. According to the complaint in the suit, Health Net delayed and otherwise failed to properly inform the state attorney general's office, the Connecticut Department of Insurance, Department of Consumer Protection or any other government agency authority of the missing drive and its health and private information. The unencrypted disk drive allegedly contained 27.7 million scanned pages of over 120 different types of documents. including insurance claims forms, membership forms, appeals and grievances, correspondence and medical records.

Story Continues Below Advertisement

Servicing GE Nuclear Medicine equipment with OEM trained engineers

We offer full service contracts, PM contracts, rapid response, time and material,camera relocation. Nuclear medicine equipment service provider since 1975. Click or call now for more information 800 96 NUMED



Blumenthal said in a press release that a Health Net consultant later investigated and concluded that the disk drive was probably stolen. The suit was the first by a state attorney general for violations of the federal Health Insurance Portability and Accountability Act of 1996, after the Health Information Technology for Economic and Clinical Health Act authorized state attorneys general to enforce HIPAA. The settlement includes a $250,000 payment to the state. Blumenthal praised the companies involved for cooperation in the matter, and accepting responsibility.

According to the stipulated judgment entered in the case, Health Net and affiliates have agreed to a corrective action plan. Health Net will be using a third-party service to monitor and protect new members, and to have credit restoration services for any identity theft that occurs. The company will also improve existing privacy and security programs, including training for employees, monitoring and reports.

"This settlement is sadly historic -- involving an unparalleled health care privacy breach and an unprecedented state enforcement of HIPAA," Blumenthal said in the press release. "More than the money, this settlement sends a strong message to Health Net and all guardians of private health and financial information about their profound responsibilities to protect medical and financial records.

Related: