EyeMed Vision Care Reaches Attorney General Settlement, Again

Hold onto your glasses because EyeMed Vision Care has just reached its third settlement over a 2020 data breach that impacted 2.1 million individuals! The vision insurer has agreed to pay a whopping $2.5 million settlement with the states of New Jersey, Oregon, and Florida following an investigation into EyeMed's data security program, which was found to be lacking and contributed to the breach. Yikes! [...]

2023-07-24T15:14:30-04:00May 19th, 2023|

NY AG SHIELD UP! Vision Benefits Provider Settles Email Data Breach

In January of 2022, EyeMed Vision Care LLC, a New York vision benefits provider, settled an action brought by the New York State Attorney General against it for failing to implement adequate data security measures, including multifactor authentication, password management, and logging of email accounts.  These deficiencies resulted in a 2020 email data breach during which hackers accessed an EyeCare email account [...]

2023-07-27T14:18:12-04:00January 26th, 2022|

New Jersey State Attorney General Settles HIPAA Claims Against Printing Companies

In November of 2021, the New Jersey State Attorney General’s (AG) Office, Division of Consumer Affairs, settled 2 HIPAA claims, one HIPAA claim against Command Marketing Innovations (CMI), and another HIPAA claim against CMI’s business associate, Strategic Content Imaging, LLC (SCI). This $130,000 resolution settled each company’s potential HIPAA Security Rule and Privacy Rule violations. The printing companies were drummed into New Jersey court for having [...]

2023-07-27T15:32:01-04:00December 21st, 2021|

$130K State HIPAA Settlement Announced

Two printing companies settled with New Jersey over an incident that exposed protected medical and client information. Under the state HIPAA settlement, Command Marketing Innovations, LLC (CMI) and Strategic Content Imaging, LLC (SCI) agreed to pay a $130,000 fine and implement more robust security policies. Why Were They Fined? The incident that led up to the state HIPAA settlement occurred when the [...]

2023-07-27T16:12:19-04:00November 12th, 2021|

AMCA Settles 2019 PHI Breach With 41 State Attorneys General

In 2019, the American Medical Collection Agency discovered that it was the victim of a data breach. Not just any data breach, though; the breach was the largest healthcare breach reported in 2019. AMCA, which operates in multiple states, informed states of the breach in June of 2019. A subsequent investigation led by the Attorneys General of Indiana, Texas, Connecticut and New York, led to a multistate lawsuit [...]

2023-07-28T14:02:54-04:00March 15th, 2021|

21st Century Oncology Settles HIPAA Data Breach Lawsuit

In late 2015, a cyberattacker accessed 21st Century Oncology’s (21CO) network database. As a result, 21CO was investigated by the Department of Health and Human Services’ (HHS) Office for Civil Rights. 21CO settled with HHS, however, a class action lawsuit was then filed against them. Details on the settlement and the HIPAA data breach lawsuit are discussed below. 21st Century Oncology and OCR Settlement [...]

2023-07-31T11:49:57-04:00February 18th, 2021|

CHS Reaches Multistate HIPAA Settlement After OCR Fine

After reaching a HIPAA settlement for extensive HIPAA violations, Community Health Systems reached another settlement with 28 states. Additional details of the multistate HIPAA settlement are described below. What is a Multistate HIPAA Settlement? There’s no right against HIPAA double jeopardy. In other words, OCR may fine a covered entity or business associate for noncompliance. At the same time, before, or after, [...]

2023-07-31T15:09:33-04:00October 14th, 2020|