DOTmed Home MRI Oncology Ultrasound Molecular Imaging X-Ray Cardiology Health IT Business Affairs
News Home Parts & Service Operating Room CT Women's Health Proton Therapy Endoscopy HTMs Mobile Imaging
SEARCH
当前地点:
>
> This Story

starstarstarstarstar (1)
注册记数器 to rate this News Story
Forward Printable StoryPrint Comment
advertisement

 

advertisement

 

U.S. Healthcare Homepage

FDA workshop: is it servicing or remanufacturing? Part of effort to build collaborative communities among stakeholders

It's open season: how healthcare companies can boost their membership Insights from Michael Mathias on the insurance marketplace and the value of emotional connection

Patient leaders ask Congress to stand up for medical innovation and repeal the device tax Erika Hanson Brown calls on the Senate to usher in an era of greater innovation in cancer care

AMA survey: Radiologists top users of telemedicine for patient interactions First nationally representative estimates on usage

Mary C. Mahoney RSNA names chair of board of directors

Spectrum Dynamics files lawsuit against GE Alleges theft of intellectual property regarding VERITON-CT

Third-parties and OEMs seek common ground in service discussion A 'Collaborative Community' as the dust settles on RSNA

Many outpatient imaging providers unprepared for new AU rules launching in a year Targets top five percent of physicians ordering scans without proper criteria

FDA proposes 510(k) process changes Changing the role of predicate devices to encourage better technology

Patient advocate lecture may be a first ever at RSNA Focusing on imaging from a patient experience perspective

Anthem pays HHS $16 million over 'largest health data breach in US history'

Thomas Dworetzky , Contributing Reporter
Anthem has agreed to pay $16 million to the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) and take “major corrective action” over the massive 2015 electronic health records hack against it that exposed the private information of nearly 79 million people.

“The largest health data breach in U.S. history fully merits the largest HIPAA settlement in history,” said OCR director Roger Severino in a statement, adding, “Unfortunately, Anthem failed to implement appropriate measures for detecting hackers who had gained access to their system to harvest passwords and steal people’s private information.”

Story Continues Below Advertisement

Dunlee announces the relaunch of DA135 CT/e, DA165NP and Akron tubes

Dunlee announces the return of the DA135 CT/e, DA165NP, S532B and S532Q(known as the Akron tubes) CT Replacement tubes, making its full portfolio of CT tubes for GE and Siemens CT scanners available once again.Click to learn more



The $16 million settlement eclipsed the previous high of $5.55 million paid to OCR in 2016.

The company reported the breach on March 13, 2015, revealing that hackers had breached its security on January 29, 2015, by using what is called an advanced persistent threat attack.

After the initial report, it was learned that the cyberattackers had used spear phishing emails to one of its subsidiaries and that at least one employee had been suckered into responding – which opened the way for additional attacks.

OCR determined that between December 2, 2014 and January 27, 2015, the hackers made off with the protected data, including names, social security numbers, medical ID numbers, addresses, dates of birth, email addresses, and employment information.

“We know that large healthcare entities are attractive targets for hackers, which is why they are expected to have strong password policies and to monitor and respond to security incidents in a timely fashion or risk enforcement by OCR,” said Severino.

Part of the Anthem punishment is because the firm also failed “to conduct an enterprise-wide risk analysis, had insufficient procedures to regularly review information system activity, failed to identify and respond to suspected or known security incidents, and failed to implement adequate minimum access controls to prevent the cyberattackers from accessing sensitive electronic protected health information (ePHI),” said the federal agency.

If Anthem fails to follow the corrective action plan laid out by OCR, and “and fails to curb the breach,” however, the agreement is off, according to the terms of the deal.

In June, 2017, Anthem agreed to a $115 million settlement of a lawsuit stemming from the breach.

The money represented the biggest data-breach settlement to date, according to a statement from the court-appointed plaintiff attorneys from Altshuler Berzon, Cohen Milstein, Girard Gibbs, and Lieff Cabraser.

“After two years of intensive litigation and hard work by the parties, we are pleased that consumers who were affected by this data breach will be protected going forward, and compensated for past losses,” said Eve Cervantez, co-lead counsel representing the plaintiffs in the Anthem litigation, at the time.

The agreement was given final approval on August 18.

The proposed deal also requires “Anthem to guarantee a certain level of funding for information security and to implement or maintain numerous specific changes to its data security systems, including encryption of certain information and archiving sensitive data with strict access controls.”

“We are very satisfied that the settlement is a great result for those affected and look forward to working through the settlement approval process,” said Andrew Friedman, co-lead plaintiffs’ counsel, at the time.

U.S. Healthcare Homepage


You Must Be Logged In To Post A Comment

做广告
提升您的品牌知名度
拍卖+私人销售
获得最好的价格
买设备/配件
找到最低价格
每日新闻
阅读最新信息
目录
浏览所有的DOTmed用户
DOTmed上的伦理
查看我们的伦理计划
金子分开供营商节目
接收PH要求
金子服务经销商节目
接收请求
提供保健服务者
查看所有的HCP(简称医疗保健提供商)的工具
工作/训练
查找/申请工作
Parts Hunter +EasyPay
获取配件报价
最近证明
查看最近通过认证的用户
最近额定
查看最近通过认证的用户
出租中央
租用设备优惠
卖设备/配件
得到最划算
服务技术员论坛
查找帮助和建议
简单的征求建议书
获取设备报价
真正商业展览
查找对设备的服务
对这个站点的通入和用途是受期限和条件我们支配 法律公告 & 保密性通知
物产和业主对 DOTmed.com,公司 Copyright ©2001-2018 DOTmed.com, Inc.
版权所有