dismiss

Clean Sweep Live Auction on Wed. January 30th. Click to view the full inventory

DOTmed Home MRI Oncology Ultrasound Molecular Imaging X-Ray Cardiology Health IT Business Affairs
News Home Parts & Service Operating Room CT Women's Health Proton Therapy Endoscopy HTMs Mobile Imaging
SEARCH
Current Location:
>
> This Story

starstarstarstarstar (1)
Log in or Register to rate this News Story
Forward Printable StoryPrint Comment
advertisement

 

advertisement

 

U.S. Healthcare Homepage

Now hospitals must post prices online, how is that working out? Complex figures and codes, and little insight into out-of-pocket costs

Rosemary Shull AMRA Medical welcomes senior vice president of global business development and marketing

Bozeman hospital settles fraud suit for $10 million Resolution after whistleblower fraud lawsuit three years ago

Healthcare investment booming in Richmond, Virginia area Roughly $500 million in development planned or underway

QT Ultrasound launches radiation-and-compression-free breast imaging centers Utilizing FDA-cleared QTscan technology

Radiology Partners adds on Nevada and Texas practices as partners Marks entrance into Nevada market

RIA and STRG merge to form Covalent Radiology and Covalent Healthcare Management Supporting independent and physician-led practices

Natividad undergoes $18 million radiology department renovations Include new interventional radiology suite and larger ultrasound suite

Proton therapy pioneer James M. Slater dies at 89 Oversaw creation of the world's first proton treatment center

Woman accuses ultrasound technician of rape, files suit in court Allegedly raped following a stomach and vaginal ultrasound exam

Anthem pays HHS $16 million over 'largest health data breach in US history'

by Thomas Dworetzky , Contributing Reporter
Anthem has agreed to pay $16 million to the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) and take “major corrective action” over the massive 2015 electronic health records hack against it that exposed the private information of nearly 79 million people.

“The largest health data breach in U.S. history fully merits the largest HIPAA settlement in history,” said OCR director Roger Severino in a statement, adding, “Unfortunately, Anthem failed to implement appropriate measures for detecting hackers who had gained access to their system to harvest passwords and steal people’s private information.”

Story Continues Below Advertisement

Servicing GE Nuclear Medicine equipment with OEM trained engineers

We offer full service contracts, PM contracts, rapid response, time and material,camera relocation. Nuclear medicine equipment service provider since 1975. Click or call now for more information 800 96 NUMED



The $16 million settlement eclipsed the previous high of $5.55 million paid to OCR in 2016.

The company reported the breach on March 13, 2015, revealing that hackers had breached its security on January 29, 2015, by using what is called an advanced persistent threat attack.

After the initial report, it was learned that the cyberattackers had used spear phishing emails to one of its subsidiaries and that at least one employee had been suckered into responding – which opened the way for additional attacks.

OCR determined that between December 2, 2014 and January 27, 2015, the hackers made off with the protected data, including names, social security numbers, medical ID numbers, addresses, dates of birth, email addresses, and employment information.

“We know that large healthcare entities are attractive targets for hackers, which is why they are expected to have strong password policies and to monitor and respond to security incidents in a timely fashion or risk enforcement by OCR,” said Severino.

Part of the Anthem punishment is because the firm also failed “to conduct an enterprise-wide risk analysis, had insufficient procedures to regularly review information system activity, failed to identify and respond to suspected or known security incidents, and failed to implement adequate minimum access controls to prevent the cyberattackers from accessing sensitive electronic protected health information (ePHI),” said the federal agency.

If Anthem fails to follow the corrective action plan laid out by OCR, and “and fails to curb the breach,” however, the agreement is off, according to the terms of the deal.

In June, 2017, Anthem agreed to a $115 million settlement of a lawsuit stemming from the breach.

The money represented the biggest data-breach settlement to date, according to a statement from the court-appointed plaintiff attorneys from Altshuler Berzon, Cohen Milstein, Girard Gibbs, and Lieff Cabraser.

“After two years of intensive litigation and hard work by the parties, we are pleased that consumers who were affected by this data breach will be protected going forward, and compensated for past losses,” said Eve Cervantez, co-lead counsel representing the plaintiffs in the Anthem litigation, at the time.

The agreement was given final approval on August 18.

The proposed deal also requires “Anthem to guarantee a certain level of funding for information security and to implement or maintain numerous specific changes to its data security systems, including encryption of certain information and archiving sensitive data with strict access controls.”

“We are very satisfied that the settlement is a great result for those affected and look forward to working through the settlement approval process,” said Andrew Friedman, co-lead plaintiffs’ counsel, at the time.

U.S. Healthcare Homepage


You Must Be Logged In To Post A Comment

Advertise
Increase Your
Brand Awareness
Auctions + Private Sales
Get The
Best Price
Buy Equipment/Parts
Find The
Lowest Price
Daily News
Read The
Latest News
Directory
Browse All
DOTmed Users
Ethics on DOTmed
View Our
Ethics Program
Gold Parts Vendor Program
Receive PH
Requests
Gold Service Dealer Program
Receive RFP/PS
Requests
Healthcare Providers
See all
HCP Tools
Jobs/Training
Find/Fill
A Job
Parts Hunter +EasyPay
Get Parts
Quotes
Recently Certified
View Recently
Certified Users
Recently Rated
View Recently
Certified Users
Rental Central
Rent Equipment
For Less
Sell Equipment/Parts
Get The
Most Money
Service Technicians Forum
Find Help
And Advice
Simple RFP
Get Equipment
Quotes
Virtual Trade Show
Find Service
For Equipment
Access and use of this site is subject to the terms and conditions of our LEGAL NOTICE & PRIVACY NOTICE
Property of and Proprietary to DOTmed.com, Inc. Copyright ©2001-2019 DOTmed.com, Inc.
ALL RIGHTS RESERVED