Banner Health to pay $1.25M over HIPAA Security Rule lapses

HHS building

A Phoenix-based nonprofit health system agreed to pay $1.25 million as part of a settlement with the Department of Health and Human Services (HHS) addressing violations of the Health Insurance Portability and Accountability Act Security Rule regarding a 2016 data breach.

The breach at Banner Health compromised the protected health information of 2.81 million consumers, the HHS stated in a Feb. 2 press release. The hacker accessed data that included patient names, physician names, dates of birth, addresses, Social Security numbers, clinical details, dates of service, claims information, lab results, medications, diagnoses and conditions, and health insurance information.

lock iconTHIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.