Excellus Health Plan fined $5.1M for 2015 data breach
By 
Jaclyn Jaeger2021-01-20T16:21:00
The U.S. Department of Health and Human Services’ Office for Civil Rights fined Excellus Health Plan $5.1 million for failures relating to a 2015 data breach that exposed the personal information of 9.3 million individuals.
Related articles
-
News BriefBanner Health to pay $1.25M over HIPAA Security Rule lapses
Banner Health agreed to pay $1.25 million as part of a settlement with the Department of Health and Human Services addressing violations of the Health Insurance Portability and Accountability Act Security Rule regarding a 2016 data breach.
-
ArticleDems seek stronger HIPAA privacy for abortion patients
Democratic senators are urging the Department of Health and Human Services to strengthen federal health privacy protections for abortion patients by updating the HIPAA Privacy Rule.
-
ArticleBreach costs Premera Blue Cross $6.85M; second-largest HIPAA fine
Premera Blue Cross has agreed to pay $6.85 million in a settlement with the U.S. Department of Health and Human Services regarding a 2014 data breach that affected the personal and health plan information of over 10.4 million people.
More from Regulatory Enforcement
-
ArticleJudge orders CVS to pay nearly $290M for Medicare false claims
CVS’s Caremark division knowingly overcharged Medicare for prescription drugs and must pay nearly $290 million, a Pennsylvania federal judge has ordered.
-
News BriefSEC charges duo in $275 million water vending machine Ponzi scheme
The owner of a water machine vending company and a portfolio manager were allegedly behind a Ponzi-like scheme that raised more than $275 million, according to the U.S. Securities and Exchange Commission.
-
Basic Page‘Extraordinary cooperation’ pays off for PFS Investments
As regulators shift toward rewarding transparency, self-regulation and self-reporting, the way PFS Investments handled a longstanding problem serves as an example of how proactive remediation can turn a costly compliance error into a manageable regulatory outcome.