HB Ad Slot
HB Mobile Ad Slot
HB Ad Slot
Excellus Health Pays $5.1 Million to Resolve HIPAA Breach Involving Over 9 Million People
Monday, January 18, 2021

On January 15, 2021 the U.S. Department of Health and Human Services, Office for Civil Rights (“HHS”) announced a $5,100,000 settlement with Excellus Health Plan, Inc. ("Excellus") for violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules.

According to HHS, hackers accessed the Excellus electronic medical records system from December 2013 through May 11, 2015, resulting in the disclosure of the protected health information for over 9.3 million people.  This data included patient name, address, date of birth, email addresses, social security number, bank account information, health plan claims and clinical treatment information.    

In additional to the monetary settlement, Excellus agreed to a very thorough and detailed two-year Corrective Action Plan.

You can read the HHS Resolution Agreement and the Corrective Action Plan here.

HB Ad Slot
HB Ad Slot
HB Mobile Ad Slot
HB Ad Slot
HB Mobile Ad Slot
HB Ad Slot
HB Mobile Ad Slot
 

NLR Logo

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up to receive our free e-Newsbulletins

 

Sign Up for e-NewsBulletins