Connecticut settles with Health Net for $375k for data breach
HIPAA Weekly Advisor, November 15, 2010
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
Health Net keeps paying for its 2009 data breach.
The Connecticut Insurance Commission announced November 8 that it reached a settlement with Health Net in which the insurer will pay the state $375,000 in penalties for failing to safeguard members’ personal information from misuse by third parties.
The fine stems from the untimely notification of the 2009 loss of a disk drive from Health Net’s Shelton, CT, location resulting in the loss of PHI of approximately 500,000 Connecticut members.
Health Net cooperated fully with the state. It provided credit monitoring protection for two years to all Connecticut members and providers affected and “has undertaken significant steps to improve data and equipment security in both Shelton locations,” according to the state’s press release.
In July, Connecticut’s state attorney general’s office announced that it has reached a settlement with Health Net and its affiliates over the failure to secure the private medical records of policyholders and for the insurers’ delay in reporting the breach.
Connecticut Attorney General Richard Blumenthal said the settlement imposes a $250,000 fine on the company for HIPAA and HITECH violations, and requires the insurer to adopt rigorous security and notification measures.
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
Related Products
Most Popular
- Articles
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- Catch up on what's new with injections and infusions
- Identify potential Medicaid RAC target areas
- Topic: CMS, OESS post new security compliance review information, checklist
- HIPAA Q&A: Level of encryption needed for email
- Capturing all necessary codes for IUD insertion and removal can be challenging
- What does case-mix index mean to you?
- OB services: Coding inside and outside of the package
- QA:Coding multiple initial infusions
- E-mailed
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- HIPAA Q&A: Level of encryption needed for email
- Q&A: Follow CMS' coding guidelines when using modifier -25
- Catch up on what's new with injections and infusions
- CMS has reformulated payments for some bilateral procedures
- New conflicts of interest create new challenges
- Q/A. One injection code or two?
- What does case-mix index mean to you?
- ED-to-inpatient transfers are flawed with safety gaps
- Searched