- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Kyle Brasseur2023-11-01T22:10:00
A Massachusetts-based medical management company agreed to pay $100,000 in settling the first ransomware agreement under the Health Insurance Portability and Accountability Act (HIPAA) reached by the Department of Health and Human Services’ Office for Civil Rights (HHS OCR).
Doctors’ Management Service filed a breach report with the HHS in April 2019 regarding a ransomware attack that impacted more than 200,000 individuals, the agency said in a press release Tuesday. The company first detected the breach in December 2018, though it determined the initial access dated back to April 2017.
The HIPAA privacy, security, and breach notification rules set requirements regulated entities must follow to protect the privacy and security of health information.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
Register for free
Receive the CW newsletter and access CPE webcasts.
Louisiana-based Lafourche Medical Group agreed to pay $480,000 as part of the first phishing attack-related settlement the Department of Health and Human Services’ Office for Civil Rights has reached under the Health Insurance Portability and Accountability Act.
Saint Joseph’s Medical Center agreed to pay $80,000 as part of a settlement with the Department of Health and Human Services’ Office for Civil Rights for potential violations of the Health Insurance Portability and Accountability Act.
L.A. Care Health Plan agreed to pay $1.3 million to settle allegations by the U.S. Department of Health and Human Services it potentially violated the Health Information Portability and Accountability Act.
RTX Corp., the parent company of Raytheon, disclosed in a public filing it has reserved $1.24 billion to resolve legacy legal matters with the Department of Justice, Securities and Exchange Commission, and Department of State.
The U.K. Financial Conduct Authority issued a fine of $4.5 million (3.5 million pounds) against a U.K.-based subsidiary of crypto platform Coinbase for providing services to high-risk customers in violation of FCA rules.
Admera Health agreed to pay more than $5.5 million to resolve allegations first brought by two whistleblowers that it paid kickbacks to third-party contractors, the Department of Justice said.
