Medical management company to pay $100K in landmark HHS ransomware case
By 
Kyle Brasseur2023-11-01T22:10:00
A Massachusetts-based medical management company agreed to pay $100,000 in settling the first ransomware agreement under the Health Insurance Portability and Accountability Act (HIPAA) reached by the Department of Health and Human Services’ Office for Civil Rights (HHS OCR).
Doctors’ Management Service filed a breach report with the HHS in April 2019 regarding a ransomware attack that impacted more than 200,000 individuals, the agency said in a press release Tuesday. The company first detected the breach in December 2018, though it determined the initial access dated back to April 2017.
The HIPAA privacy, security, and breach notification rules set requirements regulated entities must follow to protect the privacy and security of health information.
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
News BriefLafourche Medical Group to pay $480K in landmark HHS phishing action
Louisiana-based Lafourche Medical Group agreed to pay $480,000 as part of the first phishing attack-related settlement the Department of Health and Human Services’ Office for Civil Rights has reached under the Health Insurance Portability and Accountability Act.
-
News BriefMedical center to pay $80K for Covid-19 patient info shared with media
Saint Joseph’s Medical Center agreed to pay $80,000 as part of a settlement with the Department of Health and Human Services’ Office for Civil Rights for potential violations of the Health Insurance Portability and Accountability Act.
-
News BriefHHS orders L.A. Care to pay $1.3M over apparent HIPAA violations
L.A. Care Health Plan agreed to pay $1.3 million to settle allegations by the U.S. Department of Health and Human Services it potentially violated the Health Information Portability and Accountability Act.
More from Regulatory Enforcement
-
News BriefFTC sues Uber over deceptive subscriptions, a rare move for consumers by Trump officials
The Federal Trade Commission (FTC) filed a lawsuit against Uber, alleging the ride-hailing company signed customers up for its Uber One subscription without consent, then made it hard for them to cancel. The move marks the U.S. government’s latest broadside against big tech companies, and the first major action from ...
-
News BriefCFPB pullback signals further shift toward industry-friendly regulation
The U.S. Consumer Financial Protection Bureau continues to unravel amid pressure from Trump administration officials to shutter the agency. Not only has the agency informed its employees that it will no longer be a watchdog for the financial services industry, it has also laid off employees despite court orders blocking ...
-
News BriefTrump’s CFPB, dismissing Comerica case, continues to cut down Biden-era lawsuits
The Consumer Financial Protection Bureau dropped yet another consumer protection lawsuit against a bank or fintech provider since Donald Trump was sworn in as president in January. This time, it was with Comerica Bank.