HIPAA Violations – 13 Settlements So Far In 2020

Did you know?

Through October 2020, there were 13 settlements over breaches that violated the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules.

The largest HIPAA settlement in U.S. health data breach history is $16 million.

Anthem HIPAA Violation

Anthem Inc., an independent licensee of the Blue Cross and Blue Shield Association, provides medical care coverage to one in eight Americans through its affiliated health plans. Anthem Inc. filed a breach report with the Office for Civil Rights (OCR), which investigated the matter. The results revealed that the ePHI of almost 79 million individuals was stolen, considered the largest health data breach in U.S. history. Anthem agreed to pay $16 million.

The cause: The breach was attributed to the failure to implement protective measures that should have detected early attempts by hackers to steal and harvest people’s sensitive private information. Further, procedures to conduct enterprise-wide risk analysis were not in place, suspicious incidents were not identified, and adequate minimum access controls to prevent cyber-attacks were absent. Together these led to this catastrophe and to colossal losses in damages.

The second largest HIPAA settlement was $6.85 million.

Premera HIPAA Violations

Premera Blue Cross (PBC) agreed to pay the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) $6.85 million to settle a data breach.

The cause: A cyber-attack on PBC’s IT system in which hackers installed malware that not only went unchecked but also breached the electronic Protected Health Information (ePHI) of 10.4 million people.

Serious consequences for slighting HIPAA

Failure to adhere to the set standards and compliance requirements for securing data could prove catastrophic and too expensive in terms of the settlement.

The list of providers who settled with the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) under the HIPAA Right of Access this year.

“Conducting Security Risk Analysis Annually Can Save Millions In Data Breaches”

How can databrackets help you?

databrackets’ certified privacy and security professionals can help healthcare Covered Entities (CE) and Business Associates (BA) comply with the HIPAA/HITECH compliance assurance requirement most efficiently and cost-effectively, by leveraging databrackets’ SaaS assessment platform, awareness training, policies and procedures, and consulting expertise.

databrackets recommends that healthcare entities conduct a comprehensive HIPAA/HITECH compliance assessment on a yearly basis to prevent data breaches.

To learn more about our HIPAA services, visit us at https://databrackets.com/services/hipaa-hitech-compliance-assurance/

Our mission is to assist organizations in developing and implementing practices to secure data and comply with regulations. With several years of experience in the IT and health care industries, databrackets is poised to meet the needs of your organization via:

- Consulting Services
- Online, Do-it-yourself Toolkits for Security Risk Assessment
- Education (Training, Webinar, and Workshops)

For details on how databrackets can provide customized assistance for your organization, please contact us at info@databrackets.com.